
<!DOCTYPE html>
<html>
    <head>
        <title>Dependency-Check Report</title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link rel="shortcut icon" href="data:;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAVLSURBVFhHvZdvbFRFEMB3913v9Vr+FKUNRdtrewg1lQgRE0gMYkJSowYMwcSPkGDwg8ZigMR+UYzGaIuAEj+R+IfE+EUlRL+QYAwhGBMqkFQDpO1xd/YPBaSU9u767r0dZ5a513vtXVsq8Zcsb3bu9c3szuzsIMU8iEaj5fhYJlzRYCkZ7Utd+wbnQL+Nd0TeoyeAPLFgf/oiyTNxXw6g4WUhTz4JEtaiNXLCEE8l3seHJjlzsOJHfLxMsgHE4cje9B6eTUPxc0ZoxbFHG1qVFq9rCRsKjc+KFG3oFGQ6Kw6xJsCsDqDxNZYWbWSYVUFAJFkyaA2XWAxiHIlcGPukYg1rDCVDQKsOadmqBaxllY8CuKHBuqOlHlNKufFk/GdUmxxoeqTpMbBg1dGXRlZtqHc2R8rgedIXgk4eqNyXMblS1AE2vhWNP84qAxl2hewno6wyFHOAZOLAc6PRbU+kd2OyrmbVPTg3pjlQzDgazGmh40rKMY3LZrVBCi/Tl0z+gqJxYGV9fWNOWC0kF3Jm1/C2pZWwk6cG2olpOcDb7hsHgLQGcUWAGs0bV1K7EuSQFbbOLKmuPkOvkZ64mkzG8bXz5BirDBuP1fzQP6I+5yl9eAS9vxjYAVz9esx0P2a0ck+73VKGPFaR8Vtpx7k0ODiYZlVJmpcvfzirwi1SyUWsMiF5ZXX6A1zJzsq9mRO+A7T1lO2BIyZVN/6bJZFWnQO4Wl1dnerq6sqRbq401TWtw9qxjGT6zhfbs3+0Hrw+THPfgVhdA8Xdz3j84RpIdZOngrY1kUgMOR3lG1kVREkHhBp3smJ4wdLmf+TuoJOxuroW3NI6zN6L9B1W33MAV1+FW99mNIgUclBaYtCPObjx3lTqT5KxqJyk52y4nv5u4f7stzzNY+Hww0ncS0JXBIoDWryRN07JVlVTc9Xo74OQpV7F6ndk5CO7iVVEwDihVqxYYVtKrOc5bckIgHJIpnhl3MxfpWIuJZyWAMdo0Io1AOXMJFI0hm3VzrOiYG2BmsLEAz0Zd9DWzZmyHd/tLt+bOUmDthuzun3C8dryjqCDdzF5tqcPRr40f1AElcvl6lgmJkC5d1kWYS8bZ3HOVL0z0TcKiz70tBjAML4opVgsoeB2nIJyXfeKJfRxGo52j4ds+xwWmN9t1/7t8sDALX7vvqjdd31cChgi40YhZdXUSyiPGkAjPalUL43+/v6/e3p6btC4PHB5XsZ9sMqxZJAWbGIxwJz6gfkAWl5jcUYUbU1+3D60uIp0PPwiNR/wZAW3HERRh5Sy4C3LEhdoiAn368b6xhdoxKLRVn5nXmDpfZZFg7J00f5QgRYJlkV5GWyJVnk2yRpUKBaLFZ6QOYMFaAdW0x08xcXDr5E9E8V3wAmFD7NseO3pMf8uh1xuJYuzQuGjMJreT4rJc4/XrvZk6aZ0yZ47WPkm47M55mxnET23IrW1tRU8DUBFBlf2faYzcptGuefETRix9+NXDNhLHJmpPTenAON1xMyQRbZevaV5ooanwrbsdSz6kPF8kaEz7o9CqOEAvPO59yuFccBR4a/MjGnfNDp5M2IzgQnpd8QB41NBoxRvarWyVrgRe77Ad4vhHzX6H41S8l2eitO9ZR+/+dNDZ3lqbsW+VN/52x12YxlY04xbZd5IqUSbCd8BSiLby13AlTWwSnx6tvKNY10LzCmhm7E3kTiFYqAp/a/4lZCSUYIX6Frffmb86K6nxqJknDoZVD1Q48S0ajc1FBTXU8mFzVs/G77OmgdK0XLLZ7nNnGHuXvmn/w9yYrwzUvIefzAI8S83C2sS1J4rmAAAAABJRU5ErkJggg==" />
        <script type="text/javascript">
        /*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */
        !function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.5.1",S=function(e,t){return new S.fn.init(e,t)};function p(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}S.fn=S.prototype={jquery:f,constructor:S,length:0,toArray:function(){return s.call(this)},get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=S.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(s.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(S.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(S.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:u,sort:t.sort,splice:t.splice},S.extend=S.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||m(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(S.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||S.isPlainObject(n)?n:{},i=!1,a[t]=S.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},S.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==o.call(e))&&(!(t=r(e))||"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(p(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},makeArray:function(e,t){var n=t||[];return null!=e&&(p(Object(e))?S.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o=0,a=[];if(p(e))for(r=e.length;o<r;o++)null!=(i=t(e[o],o,n))&&a.push(i);else for(o in e)null!=(i=t(e[o],o,n))&&a.push(i);return g(a)},guid:1,support:y}),"function"==typeof Symbol&&(S.fn[Symbol.iterator]=t[Symbol.iterator]),S.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var d=function(n){var e,d,b,o,i,h,f,g,w,u,l,T,C,a,E,v,s,c,y,S="sizzle"+1*new Date,p=n.document,k=0,r=0,m=ue(),x=ue(),A=ue(),N=ue(),D=function(e,t){return e===t&&(l=!0),0},j={}.hasOwnProperty,t=[],q=t.pop,L=t.push,H=t.push,O=t.slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",M="[\\x20\\t\\r\\n\\f]",I="(?:\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\[^\\r\\n\\f]|[\\w-]|[^\0-\\x7f])+",W="\\["+M+"*("+I+")(?:"+M+"*([*^$|!~]?=)"+M+"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|("+I+"))|)"+M+"*\\]",F=":("+I+")(?:\\((('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|((?:\\\\.|[^\\\\()[\\]]|"+W+")*)|.*)\\)|)",B=new RegExp(M+"+","g"),$=new RegExp("^"+M+"+|((?:^|[^\\\\])(?:\\\\.)*)"+M+"+$","g"),_=new RegExp("^"+M+"*,"+M+"*"),z=new RegExp("^"+M+"*([>+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp(F),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+F),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\\)|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(p.childNodes),p.childNodes),t[p.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&(T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!N[t+" "]&&(!v||!v.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&(U.test(t)||z.test(t))){(f=ee.test(t)&&ye(e.parentNode)||e)===e&&d.scope||((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){N(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return g(t.replace($,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[S]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e.namespaceURI,n=(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:p;return r!=C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),p!=C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.scope=ce(function(e){return a.appendChild(e).appendChild(C.createElement("div")),"undefined"!=typeof e.querySelectorAll&&!e.querySelectorAll(":scope fieldset div").length}),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=S,!C.getElementsByName||!C.getElementsByName(S).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){var t;a.appendChild(e).innerHTML="<a id='"+S+"'></a><select id='"+S+"-\r\\' msallowcapture=''><option selected=''></option></select>",e.querySelectorAll("[msallowcapture^='']").length&&v.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||v.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+S+"-]").length||v.push("~="),(t=C.createElement("input")).setAttribute("name",""),e.appendChild(t),e.querySelectorAll("[name='']").length||v.push("\\["+M+"*name"+M+"*="+M+"*(?:''|\"\")"),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+S+"+*").length||v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="<a href='' disabled='disabled'></a><select disabled='disabled'><option/></select>";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",F)}),v=v.length&&new RegExp(v.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),y=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},D=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C||e.ownerDocument==p&&y(p,e)?-1:t==C||t.ownerDocument==p&&y(p,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e==C?-1:t==C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]==p?-1:s[r]==p?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if(T(e),d.matchesSelector&&E&&!N[t+" "]&&(!s||!s.test(t))&&(!v||!v.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){N(t,!0)}return 0<se(t,C,null,[e]).length},se.contains=function(e,t){return(e.ownerDocument||e)!=C&&T(e),y(e,t)},se.attr=function(e,t){(e.ownerDocument||e)!=C&&T(e);var n=b.attrHandle[t.toLowerCase()],r=n&&j.call(b.attrHandle,t.toLowerCase())?n(e,t,!E):void 0;return void 0!==r?r:d.attributes||!E?e.getAttribute(t):(r=e.getAttributeNode(t))&&r.specified?r.value:null},se.escape=function(e){return(e+"").replace(re,ie)},se.error=function(e){throw new Error("Syntax error, unrecognized expression: "+e)},se.uniqueSort=function(e){var t,n=[],r=0,i=0;if(l=!d.detectDuplicates,u=!d.sortStable&&e.slice(0),e.sort(D),l){while(t=e[i++])t===e[i]&&(r=n.push(i));while(r--)e.splice(n[r],1)}return u=null,e},o=se.getText=function(e){var t,n="",r=0,i=e.nodeType;if(i){if(1===i||9===i||11===i){if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=o(e)}else if(3===i||4===i)return e.nodeValue}else while(t=e[r++])n+=o(t);return n},(b=se.selectors={cacheLength:50,createPseudo:le,match:G,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=m[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&m(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1<t.indexOf(i):"$="===r?i&&t.slice(-i.length)===i:"~="===r?-1<(" "+t.replace(B," ")+" ").indexOf(i):"|="===r&&(t===i||t.slice(0,i.length+1)===i+"-"))}},CHILD:function(h,e,t,g,v){var y="nth"!==h.slice(0,3),m="last"!==h.slice(-4),x="of-type"===e;return 1===g&&0===v?function(e){return!!e.parentNode}:function(e,t,n){var r,i,o,a,s,u,l=y!==m?"nextSibling":"previousSibling",c=e.parentNode,f=x&&e.nodeName.toLowerCase(),p=!n&&!x,d=!1;if(c){if(y){while(l){a=e;while(a=a[l])if(x?a.nodeName.toLowerCase()===f:1===a.nodeType)return!1;u=l="only"===h&&!u&&"nextSibling"}return!0}if(u=[m?c.firstChild:c.lastChild],m&&p){d=(s=(r=(i=(o=(a=c)[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===k&&r[1])&&r[2],a=s&&c.childNodes[s];while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if(1===a.nodeType&&++d&&a===e){i[h]=[k,s,d];break}}else if(p&&(d=s=(r=(i=(o=(a=e)[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===k&&r[1]),!1===d)while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if((x?a.nodeName.toLowerCase()===f:1===a.nodeType)&&++d&&(p&&((i=(o=a[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]=[k,d]),a===e))break;return(d-=v)===g||d%g==0&&0<=d/g}}},PSEUDO:function(e,o){var t,a=b.pseudos[e]||b.setFilters[e.toLowerCase()]||se.error("unsupported pseudo: "+e);return a[S]?a(o):1<a.length?(t=[e,e,"",o],b.setFilters.hasOwnProperty(e.toLowerCase())?le(function(e,t){var n,r=a(e,o),i=r.length;while(i--)e[n=P(e,r[i])]=!(t[n]=r[i])}):function(e){return a(e,0,t)}):a}},pseudos:{not:le(function(e){var r=[],i=[],s=f(e.replace($,"$1"));return s[S]?le(function(e,t,n,r){var i,o=s(e,null,r,[]),a=e.length;while(a--)(i=o[a])&&(e[a]=!(t[a]=i))}):function(e,t,n){return r[0]=e,s(r,null,n,i),r[0]=null,!i.pop()}}),has:le(function(t){return function(e){return 0<se(t,e).length}}),contains:le(function(t){return t=t.replace(te,ne),function(e){return-1<(e.textContent||o(e)).indexOf(t)}}),lang:le(function(n){return V.test(n||"")||se.error("unsupported lang: "+n),n=n.replace(te,ne).toLowerCase(),function(e){var t;do{if(t=E?e.lang:e.getAttribute("xml:lang")||e.getAttribute("lang"))return(t=t.toLowerCase())===n||0===t.indexOf(n+"-")}while((e=e.parentNode)&&1===e.nodeType);return!1}}),target:function(e){var t=n.location&&n.location.hash;return t&&t.slice(1)===e.id},root:function(e){return e===a},focus:function(e){return e===C.activeElement&&(!C.hasFocus||C.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:ge(!1),disabled:ge(!0),checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked||"option"===t&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,!0===e.selected},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeType<6)return!1;return!0},parent:function(e){return!b.pseudos.empty(e)},header:function(e){return J.test(e.nodeName)},input:function(e){return Q.test(e.nodeName)},button:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&"button"===e.type||"button"===t},text:function(e){var t;return"input"===e.nodeName.toLowerCase()&&"text"===e.type&&(null==(t=e.getAttribute("type"))||"text"===t.toLowerCase())},first:ve(function(){return[0]}),last:ve(function(e,t){return[t-1]}),eq:ve(function(e,t,n){return[n<0?n+t:n]}),even:ve(function(e,t){for(var n=0;n<t;n+=2)e.push(n);return e}),odd:ve(function(e,t){for(var n=1;n<t;n+=2)e.push(n);return e}),lt:ve(function(e,t,n){for(var r=n<0?n+t:t<n?t:n;0<=--r;)e.push(r);return e}),gt:ve(function(e,t,n){for(var r=n<0?n+t:n;++r<t;)e.push(r);return e})}}).pseudos.nth=b.pseudos.eq,{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})b.pseudos[e]=de(e);for(e in{submit:!0,reset:!0})b.pseudos[e]=he(e);function me(){}function xe(e){for(var t=0,n=e.length,r="";t<n;t++)r+=e[t].value;return r}function be(s,e,t){var u=e.dir,l=e.next,c=l||u,f=t&&"parentNode"===c,p=r++;return e.first?function(e,t,n){while(e=e[u])if(1===e.nodeType||f)return s(e,t,n);return!1}:function(e,t,n){var r,i,o,a=[k,p];if(n){while(e=e[u])if((1===e.nodeType||f)&&s(e,t,n))return!0}else while(e=e[u])if(1===e.nodeType||f)if(i=(o=e[S]||(e[S]={}))[e.uniqueID]||(o[e.uniqueID]={}),l&&l===e.nodeName.toLowerCase())e=e[u]||e;else{if((r=i[c])&&r[0]===k&&r[1]===p)return a[2]=r[2];if((i[c]=a)[2]=s(e,t,n))return!0}return!1}}function we(i){return 1<i.length?function(e,t,n){var r=i.length;while(r--)if(!i[r](e,t,n))return!1;return!0}:i[0]}function Te(e,t,n,r,i){for(var o,a=[],s=0,u=e.length,l=null!=t;s<u;s++)(o=e[s])&&(n&&!n(o,r,i)||(a.push(o),l&&t.push(s)));return a}function Ce(d,h,g,v,y,e){return v&&!v[S]&&(v=Ce(v)),y&&!y[S]&&(y=Ce(y,e)),le(function(e,t,n,r){var i,o,a,s=[],u=[],l=t.length,c=e||function(e,t,n){for(var r=0,i=t.length;r<i;r++)se(e,t[r],n);return n}(h||"*",n.nodeType?[n]:n,[]),f=!d||!e&&h?c:Te(c,s,d,n,r),p=g?y||(e?d:l||v)?[]:t:f;if(g&&g(f,p,n,r),v){i=Te(p,u),v(i,[],n,r),o=i.length;while(o--)(a=i[o])&&(p[u[o]]=!(f[u[o]]=a))}if(e){if(y||d){if(y){i=[],o=p.length;while(o--)(a=p[o])&&i.push(f[o]=a);y(null,p=[],i,r)}o=p.length;while(o--)(a=p[o])&&-1<(i=y?P(e,a):s[o])&&(e[i]=!(t[i]=a))}}else p=Te(p===t?p.splice(l,p.length):p),y?y(null,t,p,r):H.apply(t,p)})}function Ee(e){for(var i,t,n,r=e.length,o=b.relative[e[0].type],a=o||b.relative[" "],s=o?1:0,u=be(function(e){return e===i},a,!0),l=be(function(e){return-1<P(i,e)},a,!0),c=[function(e,t,n){var r=!o&&(n||t!==w)||((i=t).nodeType?u(e,t,n):l(e,t,n));return i=null,r}];s<r;s++)if(t=b.relative[e[s].type])c=[be(we(c),t)];else{if((t=b.filter[e[s].type].apply(null,e[s].matches))[S]){for(n=++s;n<r;n++)if(b.relative[e[n].type])break;return Ce(1<s&&we(c),1<s&&xe(e.slice(0,s-1).concat({value:" "===e[s-2].type?"*":""})).replace($,"$1"),t,s<n&&Ee(e.slice(s,n)),n<r&&Ee(e=e.slice(n)),n<r&&xe(e))}c.push(t)}return we(c)}return me.prototype=b.filters=b.pseudos,b.setFilters=new me,h=se.tokenize=function(e,t){var n,r,i,o,a,s,u,l=x[e+" "];if(l)return t?0:l.slice(0);a=e,s=[],u=b.preFilter;while(a){for(o in n&&!(r=_.exec(a))||(r&&(a=a.slice(r[0].length)||a),s.push(i=[])),n=!1,(r=z.exec(a))&&(n=r.shift(),i.push({value:n,type:r[0].replace($," ")}),a=a.slice(n.length)),b.filter)!(r=G[o].exec(a))||u[o]&&!(r=u[o](r))||(n=r.shift(),i.push({value:n,type:o,matches:r}),a=a.slice(n.length));if(!n)break}return t?a.length:a?se.error(e):x(e,s).slice(0)},f=se.compile=function(e,t){var n,v,y,m,x,r,i=[],o=[],a=A[e+" "];if(!a){t||(t=h(e)),n=t.length;while(n--)(a=Ee(t[n]))[S]?i.push(a):o.push(a);(a=A(e,(v=o,m=0<(y=i).length,x=0<v.length,r=function(e,t,n,r,i){var o,a,s,u=0,l="0",c=e&&[],f=[],p=w,d=e||x&&b.find.TAG("*",i),h=k+=null==p?1:Math.random()||.1,g=d.length;for(i&&(w=t==C||t||i);l!==g&&null!=(o=d[l]);l++){if(x&&o){a=0,t||o.ownerDocument==C||(T(o),n=!E);while(s=v[a++])if(s(o,t||C,n)){r.push(o);break}i&&(k=h)}m&&((o=!s&&o)&&u--,e&&c.push(o))}if(u+=l,m&&l!==u){a=0;while(s=y[a++])s(c,f,t,n);if(e){if(0<u)while(l--)c[l]||f[l]||(f[l]=q.call(r));f=Te(f)}H.apply(r,f),i&&!e&&0<f.length&&1<u+y.length&&se.uniqueSort(r)}return i&&(k=h,w=p),c},m?le(r):r))).selector=e}return a},g=se.select=function(e,t,n,r){var i,o,a,s,u,l="function"==typeof e&&e,c=!r&&h(e=l.selector||e);if(n=n||[],1===c.length){if(2<(o=c[0]=c[0].slice(0)).length&&"ID"===(a=o[0]).type&&9===t.nodeType&&E&&b.relative[o[1].type]){if(!(t=(b.find.ID(a.matches[0].replace(te,ne),t)||[])[0]))return n;l&&(t=t.parentNode),e=e.slice(o.shift().value.length)}i=G.needsContext.test(e)?0:o.length;while(i--){if(a=o[i],b.relative[s=a.type])break;if((u=b.find[s])&&(r=u(a.matches[0].replace(te,ne),ee.test(o[0].type)&&ye(t.parentNode)||t))){if(o.splice(i,1),!(e=r.length&&xe(o)))return H.apply(n,r),n;break}}}return(l||f(e,c))(r,t,!E,n,!t||ee.test(e)&&ye(t.parentNode)||t),n},d.sortStable=S.split("").sort(D).join("")===S,d.detectDuplicates=!!l,T(),d.sortDetached=ce(function(e){return 1&e.compareDocumentPosition(C.createElement("fieldset"))}),ce(function(e){return e.innerHTML="<a href='#'></a>","#"===e.firstChild.getAttribute("href")})||fe("type|href|height|width",function(e,t,n){if(!n)return e.getAttribute(t,"type"===t.toLowerCase()?1:2)}),d.attributes&&ce(function(e){return e.innerHTML="<input/>",e.firstChild.setAttribute("value",""),""===e.firstChild.getAttribute("value")})||fe("value",function(e,t,n){if(!n&&"input"===e.nodeName.toLowerCase())return e.defaultValue}),ce(function(e){return null==e.getAttribute("disabled")})||fe(R,function(e,t,n){var r;if(!n)return!0===e[t]?t.toLowerCase():(r=e.getAttributeNode(t))&&r.specified?r.value:null}),se}(C);S.find=d,S.expr=d.selectors,S.expr[":"]=S.expr.pseudos,S.uniqueSort=S.unique=d.uniqueSort,S.text=d.getText,S.isXMLDoc=d.isXML,S.contains=d.contains,S.escapeSelector=d.escape;var h=function(e,t,n){var r=[],i=void 0!==n;while((e=e[t])&&9!==e.nodeType)if(1===e.nodeType){if(i&&S(e).is(n))break;r.push(e)}return r},T=function(e,t){for(var n=[];e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n},k=S.expr.match.needsContext;function A(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}var N=/^<([a-z][^\/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function D(e,n,r){return m(n)?S.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?S.grep(e,function(e){return e===n!==r}):"string"!=typeof n?S.grep(e,function(e){return-1<i.call(n,e)!==r}):S.filter(n,e,r)}S.filter=function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?S.find.matchesSelector(r,e)?[r]:[]:S.find.matches(e,S.grep(t,function(e){return 1===e.nodeType}))},S.fn.extend({find:function(e){var t,n,r=this.length,i=this;if("string"!=typeof e)return this.pushStack(S(e).filter(function(){for(t=0;t<r;t++)if(S.contains(i[t],this))return!0}));for(n=this.pushStack([]),t=0;t<r;t++)S.find(e,i[t],n);return 1<r?S.uniqueSort(n):n},filter:function(e){return this.pushStack(D(this,e||[],!1))},not:function(e){return this.pushStack(D(this,e||[],!0))},is:function(e){return!!D(this,"string"==typeof e&&k.test(e)?S(e):e||[],!1).length}});var j,q=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/;(S.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||j,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:q.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof S?t[0]:t,S.merge(this,S.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),N.test(r[1])&&S.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(S):S.makeArray(e,this)}).prototype=S.fn,j=S(E);var L=/^(?:parents|prev(?:Until|All))/,H={children:!0,contents:!0,next:!0,prev:!0};function O(e,t){while((e=e[t])&&1!==e.nodeType);return e}S.fn.extend({has:function(e){var t=S(e,this),n=t.length;return this.filter(function(){for(var e=0;e<n;e++)if(S.contains(this,t[e]))return!0})},closest:function(e,t){var n,r=0,i=this.length,o=[],a="string"!=typeof e&&S(e);if(!k.test(e))for(;r<i;r++)for(n=this[r];n&&n!==t;n=n.parentNode)if(n.nodeType<11&&(a?-1<a.index(n):1===n.nodeType&&S.find.matchesSelector(n,e))){o.push(n);break}return this.pushStack(1<o.length?S.uniqueSort(o):o)},index:function(e){return e?"string"==typeof e?i.call(S(e),this[0]):i.call(this,e.jquery?e[0]:e):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){return this.pushStack(S.uniqueSort(S.merge(this.get(),S(e,t))))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}}),S.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return h(e,"parentNode")},parentsUntil:function(e,t,n){return h(e,"parentNode",n)},next:function(e){return O(e,"nextSibling")},prev:function(e){return O(e,"previousSibling")},nextAll:function(e){return h(e,"nextSibling")},prevAll:function(e){return h(e,"previousSibling")},nextUntil:function(e,t,n){return h(e,"nextSibling",n)},prevUntil:function(e,t,n){return h(e,"previousSibling",n)},siblings:function(e){return T((e.parentNode||{}).firstChild,e)},children:function(e){return T(e.firstChild)},contents:function(e){return null!=e.contentDocument&&r(e.contentDocument)?e.contentDocument:(A(e,"template")&&(e=e.content||e),S.merge([],e.childNodes))}},function(r,i){S.fn[r]=function(e,t){var n=S.map(this,i,e);return"Until"!==r.slice(-5)&&(t=e),t&&"string"==typeof t&&(n=S.filter(t,n)),1<this.length&&(H[r]||S.uniqueSort(n),L.test(r)&&n.reverse()),this.pushStack(n)}});var P=/[^\x20\t\r\n\f]+/g;function R(e){return e}function M(e){throw e}function I(e,t,n,r){var i;try{e&&m(i=e.promise)?i.call(e).done(t).fail(n):e&&m(i=e.then)?i.call(e,t,n):t.apply(void 0,[e].slice(r))}catch(e){n.apply(void 0,[e])}}S.Callbacks=function(r){var e,n;r="string"==typeof r?(e=r,n={},S.each(e.match(P)||[],function(e,t){n[t]=!0}),n):S.extend({},r);var i,t,o,a,s=[],u=[],l=-1,c=function(){for(a=a||r.once,o=i=!0;u.length;l=-1){t=u.shift();while(++l<s.length)!1===s[l].apply(t[0],t[1])&&r.stopOnFalse&&(l=s.length,t=!1)}r.memory||(t=!1),i=!1,a&&(s=t?[]:"")},f={add:function(){return s&&(t&&!i&&(l=s.length-1,u.push(t)),function n(e){S.each(e,function(e,t){m(t)?r.unique&&f.has(t)||s.push(t):t&&t.length&&"string"!==w(t)&&n(t)})}(arguments),t&&!i&&c()),this},remove:function(){return S.each(arguments,function(e,t){var n;while(-1<(n=S.inArray(t,s,n)))s.splice(n,1),n<=l&&l--}),this},has:function(e){return e?-1<S.inArray(e,s):0<s.length},empty:function(){return s&&(s=[]),this},disable:function(){return a=u=[],s=t="",this},disabled:function(){return!s},lock:function(){return a=u=[],t||i||(s=t=""),this},locked:function(){return!!a},fireWith:function(e,t){return a||(t=[e,(t=t||[]).slice?t.slice():t],u.push(t),i||c()),this},fire:function(){return f.fireWith(this,arguments),this},fired:function(){return!!o}};return f},S.extend({Deferred:function(e){var o=[["notify","progress",S.Callbacks("memory"),S.Callbacks("memory"),2],["resolve","done",S.Callbacks("once memory"),S.Callbacks("once memory"),0,"resolved"],["reject","fail",S.Callbacks("once memory"),S.Callbacks("once memory"),1,"rejected"]],i="pending",a={state:function(){return i},always:function(){return s.done(arguments).fail(arguments),this},"catch":function(e){return a.then(null,e)},pipe:function(){var i=arguments;return S.Deferred(function(r){S.each(o,function(e,t){var n=m(i[t[4]])&&i[t[4]];s[t[1]](function(){var e=n&&n.apply(this,arguments);e&&m(e.promise)?e.promise().progress(r.notify).done(r.resolve).fail(r.reject):r[t[0]+"With"](this,n?[e]:arguments)})}),i=null}).promise()},then:function(t,n,r){var u=0;function l(i,o,a,s){return function(){var n=this,r=arguments,e=function(){var e,t;if(!(i<u)){if((e=a.apply(n,r))===o.promise())throw new TypeError("Thenable self-resolution");t=e&&("object"==typeof e||"function"==typeof e)&&e.then,m(t)?s?t.call(e,l(u,o,R,s),l(u,o,M,s)):(u++,t.call(e,l(u,o,R,s),l(u,o,M,s),l(u,o,R,o.notifyWith))):(a!==R&&(n=void 0,r=[e]),(s||o.resolveWith)(n,r))}},t=s?e:function(){try{e()}catch(e){S.Deferred.exceptionHook&&S.Deferred.exceptionHook(e,t.stackTrace),u<=i+1&&(a!==M&&(n=void 0,r=[e]),o.rejectWith(n,r))}};i?t():(S.Deferred.getStackHook&&(t.stackTrace=S.Deferred.getStackHook()),C.setTimeout(t))}}return S.Deferred(function(e){o[0][3].add(l(0,e,m(r)?r:R,e.notifyWith)),o[1][3].add(l(0,e,m(t)?t:R)),o[2][3].add(l(0,e,m(n)?n:M))}).promise()},promise:function(e){return null!=e?S.extend(e,a):a}},s={};return S.each(o,function(e,t){var n=t[2],r=t[5];a[t[1]]=n.add,r&&n.add(function(){i=r},o[3-e][2].disable,o[3-e][3].disable,o[0][2].lock,o[0][3].lock),n.add(t[3].fire),s[t[0]]=function(){return s[t[0]+"With"](this===s?void 0:this,arguments),this},s[t[0]+"With"]=n.fireWith}),a.promise(s),e&&e.call(s,s),s},when:function(e){var n=arguments.length,t=n,r=Array(t),i=s.call(arguments),o=S.Deferred(),a=function(t){return function(e){r[t]=this,i[t]=1<arguments.length?s.call(arguments):e,--n||o.resolveWith(r,i)}};if(n<=1&&(I(e,o.done(a(t)).resolve,o.reject,!n),"pending"===o.state()||m(i[t]&&i[t].then)))return o.then();while(t--)I(i[t],a(t),o.reject);return o.promise()}});var W=/^(Eval|Internal|Range|Reference|Syntax|Type|URI)Error$/;S.Deferred.exceptionHook=function(e,t){C.console&&C.console.warn&&e&&W.test(e.name)&&C.console.warn("jQuery.Deferred exception: "+e.message,e.stack,t)},S.readyException=function(e){C.setTimeout(function(){throw e})};var F=S.Deferred();function B(){E.removeEventListener("DOMContentLoaded",B),C.removeEventListener("load",B),S.ready()}S.fn.ready=function(e){return F.then(e)["catch"](function(e){S.readyException(e)}),this},S.extend({isReady:!1,readyWait:1,ready:function(e){(!0===e?--S.readyWait:S.isReady)||(S.isReady=!0)!==e&&0<--S.readyWait||F.resolveWith(E,[S])}}),S.ready.then=F.then,"complete"===E.readyState||"loading"!==E.readyState&&!E.documentElement.doScroll?C.setTimeout(S.ready):(E.addEventListener("DOMContentLoaded",B),C.addEventListener("load",B));var $=function(e,t,n,r,i,o,a){var s=0,u=e.length,l=null==n;if("object"===w(n))for(s in i=!0,n)$(e,t,s,n[s],!0,o,a);else if(void 0!==r&&(i=!0,m(r)||(a=!0),l&&(a?(t.call(e,r),t=null):(l=t,t=function(e,t,n){return l.call(S(e),n)})),t))for(;s<u;s++)t(e[s],n,a?r:r.call(e[s],s,t(e[s],n)));return i?e:l?t.call(e):u?t(e[0],n):o},_=/^-ms-/,z=/-([a-z])/g;function U(e,t){return t.toUpperCase()}function X(e){return e.replace(_,"ms-").replace(z,U)}var V=function(e){return 1===e.nodeType||9===e.nodeType||!+e.nodeType};function G(){this.expando=S.expando+G.uid++}G.uid=1,G.prototype={cache:function(e){var t=e[this.expando];return t||(t={},V(e)&&(e.nodeType?e[this.expando]=t:Object.defineProperty(e,this.expando,{value:t,configurable:!0}))),t},set:function(e,t,n){var r,i=this.cache(e);if("string"==typeof t)i[X(t)]=n;else for(r in t)i[X(r)]=t[r];return i},get:function(e,t){return void 0===t?this.cache(e):e[this.expando]&&e[this.expando][X(t)]},access:function(e,t,n){return void 0===t||t&&"string"==typeof t&&void 0===n?this.get(e,t):(this.set(e,t,n),void 0!==n?n:t)},remove:function(e,t){var n,r=e[this.expando];if(void 0!==r){if(void 0!==t){n=(t=Array.isArray(t)?t.map(X):(t=X(t))in r?[t]:t.match(P)||[]).length;while(n--)delete r[t[n]]}(void 0===t||S.isEmptyObject(r))&&(e.nodeType?e[this.expando]=void 0:delete e[this.expando])}},hasData:function(e){var t=e[this.expando];return void 0!==t&&!S.isEmptyObject(t)}};var Y=new G,Q=new G,J=/^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,K=/[A-Z]/g;function Z(e,t,n){var r,i;if(void 0===n&&1===e.nodeType)if(r="data-"+t.replace(K,"-$&").toLowerCase(),"string"==typeof(n=e.getAttribute(r))){try{n="true"===(i=n)||"false"!==i&&("null"===i?null:i===+i+""?+i:J.test(i)?JSON.parse(i):i)}catch(e){}Q.set(e,t,n)}else n=void 0;return n}S.extend({hasData:function(e){return Q.hasData(e)||Y.hasData(e)},data:function(e,t,n){return Q.access(e,t,n)},removeData:function(e,t){Q.remove(e,t)},_data:function(e,t,n){return Y.access(e,t,n)},_removeData:function(e,t){Y.remove(e,t)}}),S.fn.extend({data:function(n,e){var t,r,i,o=this[0],a=o&&o.attributes;if(void 0===n){if(this.length&&(i=Q.get(o),1===o.nodeType&&!Y.get(o,"hasDataAttrs"))){t=a.length;while(t--)a[t]&&0===(r=a[t].name).indexOf("data-")&&(r=X(r.slice(5)),Z(o,r,i[r]));Y.set(o,"hasDataAttrs",!0)}return i}return"object"==typeof n?this.each(function(){Q.set(this,n)}):$(this,function(e){var t;if(o&&void 0===e)return void 0!==(t=Q.get(o,n))?t:void 0!==(t=Z(o,n))?t:void 0;this.each(function(){Q.set(this,n,e)})},null,e,1<arguments.length,null,!0)},removeData:function(e){return this.each(function(){Q.remove(this,e)})}}),S.extend({queue:function(e,t,n){var r;if(e)return t=(t||"fx")+"queue",r=Y.get(e,t),n&&(!r||Array.isArray(n)?r=Y.access(e,t,S.makeArray(n)):r.push(n)),r||[]},dequeue:function(e,t){t=t||"fx";var n=S.queue(e,t),r=n.length,i=n.shift(),o=S._queueHooks(e,t);"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,function(){S.dequeue(e,t)},o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return Y.get(e,n)||Y.access(e,n,{empty:S.Callbacks("once memory").add(function(){Y.remove(e,[t+"queue",n])})})}}),S.fn.extend({queue:function(t,n){var e=2;return"string"!=typeof t&&(n=t,t="fx",e--),arguments.length<e?S.queue(this[0],t):void 0===n?this:this.each(function(){var e=S.queue(this,t,n);S._queueHooks(this,t),"fx"===t&&"inprogress"!==e[0]&&S.dequeue(this,t)})},dequeue:function(e){return this.each(function(){S.dequeue(this,e)})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,t){var n,r=1,i=S.Deferred(),o=this,a=this.length,s=function(){--r||i.resolveWith(o,[o])};"string"!=typeof e&&(t=e,e=void 0),e=e||"fx";while(a--)(n=Y.get(o[a],e+"queueHooks"))&&n.empty&&(r++,n.empty.add(s));return s(),i.promise(t)}});var ee=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,te=new RegExp("^(?:([+-])=|)("+ee+")([a-z%]*)$","i"),ne=["Top","Right","Bottom","Left"],re=E.documentElement,ie=function(e){return S.contains(e.ownerDocument,e)},oe={composed:!0};re.getRootNode&&(ie=function(e){return S.contains(e.ownerDocument,e)||e.getRootNode(oe)===e.ownerDocument});var ae=function(e,t){return"none"===(e=t||e).style.display||""===e.style.display&&ie(e)&&"none"===S.css(e,"display")};function se(e,t,n,r){var i,o,a=20,s=r?function(){return r.cur()}:function(){return S.css(e,t,"")},u=s(),l=n&&n[3]||(S.cssNumber[t]?"":"px"),c=e.nodeType&&(S.cssNumber[t]||"px"!==l&&+u)&&te.exec(S.css(e,t));if(c&&c[3]!==l){u/=2,l=l||c[3],c=+u||1;while(a--)S.style(e,t,c+l),(1-o)*(1-(o=s()/u||.5))<=0&&(a=0),c/=o;c*=2,S.style(e,t,c+l),n=n||[]}return n&&(c=+c||+u||0,i=n[1]?c+(n[1]+1)*n[2]:+n[2],r&&(r.unit=l,r.start=c,r.end=i)),i}var ue={};function le(e,t){for(var n,r,i,o,a,s,u,l=[],c=0,f=e.length;c<f;c++)(r=e[c]).style&&(n=r.style.display,t?("none"===n&&(l[c]=Y.get(r,"display")||null,l[c]||(r.style.display="")),""===r.style.display&&ae(r)&&(l[c]=(u=a=o=void 0,a=(i=r).ownerDocument,s=i.nodeName,(u=ue[s])||(o=a.body.appendChild(a.createElement(s)),u=S.css(o,"display"),o.parentNode.removeChild(o),"none"===u&&(u="block"),ue[s]=u)))):"none"!==n&&(l[c]="none",Y.set(r,"display",n)));for(c=0;c<f;c++)null!=l[c]&&(e[c].style.display=l[c]);return e}S.fn.extend({show:function(){return le(this,!0)},hide:function(){return le(this)},toggle:function(e){return"boolean"==typeof e?e?this.show():this.hide():this.each(function(){ae(this)?S(this).show():S(this).hide()})}});var ce,fe,pe=/^(?:checkbox|radio)$/i,de=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i;ce=E.createDocumentFragment().appendChild(E.createElement("div")),(fe=E.createElement("input")).setAttribute("type","radio"),fe.setAttribute("checked","checked"),fe.setAttribute("name","t"),ce.appendChild(fe),y.checkClone=ce.cloneNode(!0).cloneNode(!0).lastChild.checked,ce.innerHTML="<textarea>x</textarea>",y.noCloneChecked=!!ce.cloneNode(!0).lastChild.defaultValue,ce.innerHTML="<option></option>",y.option=!!ce.lastChild;var ge={thead:[1,"<table>","</table>"],col:[2,"<table><colgroup>","</colgroup></table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:[0,"",""]};function ve(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?S.merge([e],n):n}function ye(e,t){for(var n=0,r=e.length;n<r;n++)Y.set(e[n],"globalEval",!t||Y.get(t[n],"globalEval"))}ge.tbody=ge.tfoot=ge.colgroup=ge.caption=ge.thead,ge.th=ge.td,y.option||(ge.optgroup=ge.option=[1,"<select multiple='multiple'>","</select>"]);var me=/<|&#?\w+;/;function xe(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d<h;d++)if((o=e[d])||0===o)if("object"===w(o))S.merge(p,o.nodeType?[o]:o);else if(me.test(o)){a=a||f.appendChild(t.createElement("div")),s=(de.exec(o)||["",""])[1].toLowerCase(),u=ge[s]||ge._default,a.innerHTML=u[1]+S.htmlPrefilter(o)+u[2],c=u[0];while(c--)a=a.lastChild;S.merge(p,a.childNodes),(a=f.firstChild).textContent=""}else p.push(t.createTextNode(o));f.textContent="",d=0;while(o=p[d++])if(r&&-1<S.inArray(o,r))i&&i.push(o);else if(l=ie(o),a=ve(f.appendChild(o),"script"),l&&ye(a),n){c=0;while(o=a[c++])he.test(o.type||"")&&n.push(o)}return f}var be=/^key/,we=/^(?:mouse|pointer|contextmenu|drag|drop)|click/,Te=/^([^.]*)(?:\.(.+)|)/;function Ce(){return!0}function Ee(){return!1}function Se(e,t){return e===function(){try{return E.activeElement}catch(e){}}()==("focus"===t)}function ke(e,t,n,r,i,o){var a,s;if("object"==typeof t){for(s in"string"!=typeof n&&(r=r||n,n=void 0),t)ke(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"==typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),!1===i)i=Ee;else if(!i)return e;return 1===o&&(a=i,(i=function(e){return S().off(e),a.apply(this,arguments)}).guid=a.guid||(a.guid=S.guid++)),e.each(function(){S.event.add(this,t,i,r,n)})}function Ae(e,i,o){o?(Y.set(e,i,!1),S.event.add(e,i,{namespace:!1,handler:function(e){var t,n,r=Y.get(this,i);if(1&e.isTrigger&&this[i]){if(r.length)(S.event.special[i]||{}).delegateType&&e.stopPropagation();else if(r=s.call(arguments),Y.set(this,i,r),t=o(this,i),this[i](),r!==(n=Y.get(this,i))||t?Y.set(this,i,!1):n={},r!==n)return e.stopImmediatePropagation(),e.preventDefault(),n.value}else r.length&&(Y.set(this,i,{value:S.event.trigger(S.extend(r[0],S.Event.prototype),r.slice(1),this)}),e.stopImmediatePropagation())}})):void 0===Y.get(e,i)&&S.event.add(e,i,Ce)}S.event={global:{},add:function(t,e,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Y.get(t);if(V(t)){n.handler&&(n=(o=n).handler,i=o.selector),i&&S.find.matchesSelector(re,i),n.guid||(n.guid=S.guid++),(u=v.events)||(u=v.events=Object.create(null)),(a=v.handle)||(a=v.handle=function(e){return"undefined"!=typeof S&&S.event.triggered!==e.type?S.event.dispatch.apply(t,arguments):void 0}),l=(e=(e||"").match(P)||[""]).length;while(l--)d=g=(s=Te.exec(e[l])||[])[1],h=(s[2]||"").split(".").sort(),d&&(f=S.event.special[d]||{},d=(i?f.delegateType:f.bindType)||d,f=S.event.special[d]||{},c=S.extend({type:d,origType:g,data:r,handler:n,guid:n.guid,selector:i,needsContext:i&&S.expr.match.needsContext.test(i),namespace:h.join(".")},o),(p=u[d])||((p=u[d]=[]).delegateCount=0,f.setup&&!1!==f.setup.call(t,r,h,a)||t.addEventListener&&t.addEventListener(d,a)),f.add&&(f.add.call(t,c),c.handler.guid||(c.handler.guid=n.guid)),i?p.splice(p.delegateCount++,0,c):p.push(c),S.event.global[d]=!0)}},remove:function(e,t,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Y.hasData(e)&&Y.get(e);if(v&&(u=v.events)){l=(t=(t||"").match(P)||[""]).length;while(l--)if(d=g=(s=Te.exec(t[l])||[])[1],h=(s[2]||"").split(".").sort(),d){f=S.event.special[d]||{},p=u[d=(r?f.delegateType:f.bindType)||d]||[],s=s[2]&&new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),a=o=p.length;while(o--)c=p[o],!i&&g!==c.origType||n&&n.guid!==c.guid||s&&!s.test(c.namespace)||r&&r!==c.selector&&("**"!==r||!c.selector)||(p.splice(o,1),c.selector&&p.delegateCount--,f.remove&&f.remove.call(e,c));a&&!p.length&&(f.teardown&&!1!==f.teardown.call(e,h,v.handle)||S.removeEvent(e,d,v.handle),delete u[d])}else for(d in u)S.event.remove(e,d+t[l],n,r,!0);S.isEmptyObject(u)&&Y.remove(e,"handle events")}},dispatch:function(e){var t,n,r,i,o,a,s=new Array(arguments.length),u=S.event.fix(e),l=(Y.get(this,"events")||Object.create(null))[u.type]||[],c=S.event.special[u.type]||{};for(s[0]=u,t=1;t<arguments.length;t++)s[t]=arguments[t];if(u.delegateTarget=this,!c.preDispatch||!1!==c.preDispatch.call(this,u)){a=S.event.handlers.call(this,u,l),t=0;while((i=a[t++])&&!u.isPropagationStopped()){u.currentTarget=i.elem,n=0;while((o=i.handlers[n++])&&!u.isImmediatePropagationStopped())u.rnamespace&&!1!==o.namespace&&!u.rnamespace.test(o.namespace)||(u.handleObj=o,u.data=o.data,void 0!==(r=((S.event.special[o.origType]||{}).handle||o.handler).apply(i.elem,s))&&!1===(u.result=r)&&(u.preventDefault(),u.stopPropagation()))}return c.postDispatch&&c.postDispatch.call(this,u),u.result}},handlers:function(e,t){var n,r,i,o,a,s=[],u=t.delegateCount,l=e.target;if(u&&l.nodeType&&!("click"===e.type&&1<=e.button))for(;l!==this;l=l.parentNode||this)if(1===l.nodeType&&("click"!==e.type||!0!==l.disabled)){for(o=[],a={},n=0;n<u;n++)void 0===a[i=(r=t[n]).selector+" "]&&(a[i]=r.needsContext?-1<S(i,this).index(l):S.find(i,this,null,[l]).length),a[i]&&o.push(r);o.length&&s.push({elem:l,handlers:o})}return l=this,u<t.length&&s.push({elem:l,handlers:t.slice(u)}),s},addProp:function(t,e){Object.defineProperty(S.Event.prototype,t,{enumerable:!0,configurable:!0,get:m(e)?function(){if(this.originalEvent)return e(this.originalEvent)}:function(){if(this.originalEvent)return this.originalEvent[t]},set:function(e){Object.defineProperty(this,t,{enumerable:!0,configurable:!0,writable:!0,value:e})}})},fix:function(e){return e[S.expando]?e:new S.Event(e)},special:{load:{noBubble:!0},click:{setup:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&Ae(t,"click",Ce),!1},trigger:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&Ae(t,"click"),!0},_default:function(e){var t=e.target;return pe.test(t.type)&&t.click&&A(t,"input")&&Y.get(t,"click")||A(t,"a")}},beforeunload:{postDispatch:function(e){void 0!==e.result&&e.originalEvent&&(e.originalEvent.returnValue=e.result)}}}},S.removeEvent=function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n)},S.Event=function(e,t){if(!(this instanceof S.Event))return new S.Event(e,t);e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||void 0===e.defaultPrevented&&!1===e.returnValue?Ce:Ee,this.target=e.target&&3===e.target.nodeType?e.target.parentNode:e.target,this.currentTarget=e.currentTarget,this.relatedTarget=e.relatedTarget):this.type=e,t&&S.extend(this,t),this.timeStamp=e&&e.timeStamp||Date.now(),this[S.expando]=!0},S.Event.prototype={constructor:S.Event,isDefaultPrevented:Ee,isPropagationStopped:Ee,isImmediatePropagationStopped:Ee,isSimulated:!1,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=Ce,e&&!this.isSimulated&&e.preventDefault()},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=Ce,e&&!this.isSimulated&&e.stopPropagation()},stopImmediatePropagation:function(){var e=this.originalEvent;this.isImmediatePropagationStopped=Ce,e&&!this.isSimulated&&e.stopImmediatePropagation(),this.stopPropagation()}},S.each({altKey:!0,bubbles:!0,cancelable:!0,changedTouches:!0,ctrlKey:!0,detail:!0,eventPhase:!0,metaKey:!0,pageX:!0,pageY:!0,shiftKey:!0,view:!0,"char":!0,code:!0,charCode:!0,key:!0,keyCode:!0,button:!0,buttons:!0,clientX:!0,clientY:!0,offsetX:!0,offsetY:!0,pointerId:!0,pointerType:!0,screenX:!0,screenY:!0,targetTouches:!0,toElement:!0,touches:!0,which:function(e){var t=e.button;return null==e.which&&be.test(e.type)?null!=e.charCode?e.charCode:e.keyCode:!e.which&&void 0!==t&&we.test(e.type)?1&t?1:2&t?3:4&t?2:0:e.which}},S.event.addProp),S.each({focus:"focusin",blur:"focusout"},function(e,t){S.event.special[e]={setup:function(){return Ae(this,e,Se),!1},trigger:function(){return Ae(this,e),!0},delegateType:t}}),S.each({mouseenter:"mouseover",mouseleave:"mouseout",pointerenter:"pointerover",pointerleave:"pointerout"},function(e,i){S.event.special[e]={delegateType:i,bindType:i,handle:function(e){var t,n=e.relatedTarget,r=e.handleObj;return n&&(n===this||S.contains(this,n))||(e.type=r.origType,t=r.handler.apply(this,arguments),e.type=i),t}}}),S.fn.extend({on:function(e,t,n,r){return ke(this,e,t,n,r)},one:function(e,t,n,r){return ke(this,e,t,n,r,1)},off:function(e,t,n){var r,i;if(e&&e.preventDefault&&e.handleObj)return r=e.handleObj,S(e.delegateTarget).off(r.namespace?r.origType+"."+r.namespace:r.origType,r.selector,r.handler),this;if("object"==typeof e){for(i in e)this.off(i,t,e[i]);return this}return!1!==t&&"function"!=typeof t||(n=t,t=void 0),!1===n&&(n=Ee),this.each(function(){S.event.remove(this,e,n,t)})}});var Ne=/<script|<style|<link/i,De=/checked\s*(?:[^=]|=\s*.checked.)/i,je=/^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g;function qe(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&S(e).children("tbody")[0]||e}function Le(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function He(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Oe(e,t){var n,r,i,o,a,s;if(1===t.nodeType){if(Y.hasData(e)&&(s=Y.get(e).events))for(i in Y.remove(t,"handle events"),s)for(n=0,r=s[i].length;n<r;n++)S.event.add(t,i,s[i][n]);Q.hasData(e)&&(o=Q.access(e),a=S.extend({},o),Q.set(t,a))}}function Pe(n,r,i,o){r=g(r);var e,t,a,s,u,l,c=0,f=n.length,p=f-1,d=r[0],h=m(d);if(h||1<f&&"string"==typeof d&&!y.checkClone&&De.test(d))return n.each(function(e){var t=n.eq(e);h&&(r[0]=d.call(this,e,t.html())),Pe(t,r,i,o)});if(f&&(t=(e=xe(r,n[0].ownerDocument,!1,n,o)).firstChild,1===e.childNodes.length&&(e=t),t||o)){for(s=(a=S.map(ve(e,"script"),Le)).length;c<f;c++)u=e,c!==p&&(u=S.clone(u,!0,!0),s&&S.merge(a,ve(u,"script"))),i.call(n[c],u,c);if(s)for(l=a[a.length-1].ownerDocument,S.map(a,He),c=0;c<s;c++)u=a[c],he.test(u.type||"")&&!Y.access(u,"globalEval")&&S.contains(l,u)&&(u.src&&"module"!==(u.type||"").toLowerCase()?S._evalUrl&&!u.noModule&&S._evalUrl(u.src,{nonce:u.nonce||u.getAttribute("nonce")},l):b(u.textContent.replace(je,""),u,l))}return n}function Re(e,t,n){for(var r,i=t?S.filter(t,e):e,o=0;null!=(r=i[o]);o++)n||1!==r.nodeType||S.cleanData(ve(r)),r.parentNode&&(n&&ie(r)&&ye(ve(r,"script")),r.parentNode.removeChild(r));return e}S.extend({htmlPrefilter:function(e){return e},clone:function(e,t,n){var r,i,o,a,s,u,l,c=e.cloneNode(!0),f=ie(e);if(!(y.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||S.isXMLDoc(e)))for(a=ve(c),r=0,i=(o=ve(e)).length;r<i;r++)s=o[r],u=a[r],void 0,"input"===(l=u.nodeName.toLowerCase())&&pe.test(s.type)?u.checked=s.checked:"input"!==l&&"textarea"!==l||(u.defaultValue=s.defaultValue);if(t)if(n)for(o=o||ve(e),a=a||ve(c),r=0,i=o.length;r<i;r++)Oe(o[r],a[r]);else Oe(e,c);return 0<(a=ve(c,"script")).length&&ye(a,!f&&ve(e,"script")),c},cleanData:function(e){for(var t,n,r,i=S.event.special,o=0;void 0!==(n=e[o]);o++)if(V(n)){if(t=n[Y.expando]){if(t.events)for(r in t.events)i[r]?S.event.remove(n,r):S.removeEvent(n,r,t.handle);n[Y.expando]=void 0}n[Q.expando]&&(n[Q.expando]=void 0)}}}),S.fn.extend({detach:function(e){return Re(this,e,!0)},remove:function(e){return Re(this,e)},text:function(e){return $(this,function(e){return void 0===e?S.text(this):this.empty().each(function(){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||(this.textContent=e)})},null,e,arguments.length)},append:function(){return Pe(this,arguments,function(e){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||qe(this,e).appendChild(e)})},prepend:function(){return Pe(this,arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=qe(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return Pe(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return Pe(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},empty:function(){for(var e,t=0;null!=(e=this[t]);t++)1===e.nodeType&&(S.cleanData(ve(e,!1)),e.textContent="");return this},clone:function(e,t){return e=null!=e&&e,t=null==t?e:t,this.map(function(){return S.clone(this,e,t)})},html:function(e){return $(this,function(e){var t=this[0]||{},n=0,r=this.length;if(void 0===e&&1===t.nodeType)return t.innerHTML;if("string"==typeof e&&!Ne.test(e)&&!ge[(de.exec(e)||["",""])[1].toLowerCase()]){e=S.htmlPrefilter(e);try{for(;n<r;n++)1===(t=this[n]||{}).nodeType&&(S.cleanData(ve(t,!1)),t.innerHTML=e);t=0}catch(e){}}t&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(){var n=[];return Pe(this,arguments,function(e){var t=this.parentNode;S.inArray(this,n)<0&&(S.cleanData(ve(this)),t&&t.replaceChild(e,this))},n)}}),S.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,a){S.fn[e]=function(e){for(var t,n=[],r=S(e),i=r.length-1,o=0;o<=i;o++)t=o===i?this:this.clone(!0),S(r[o])[a](t),u.apply(n,t.get());return this.pushStack(n)}});var Me=new RegExp("^("+ee+")(?!px)[a-z%]+$","i"),Ie=function(e){var t=e.ownerDocument.defaultView;return t&&t.opener||(t=C),t.getComputedStyle(e)},We=function(e,t,n){var r,i,o={};for(i in t)o[i]=e.style[i],e.style[i]=t[i];for(i in r=n.call(e),t)e.style[i]=o[i];return r},Fe=new RegExp(ne.join("|"),"i");function Be(e,t,n){var r,i,o,a,s=e.style;return(n=n||Ie(e))&&(""!==(a=n.getPropertyValue(t)||n[t])||ie(e)||(a=S.style(e,t)),!y.pixelBoxStyles()&&Me.test(a)&&Fe.test(t)&&(r=s.width,i=s.minWidth,o=s.maxWidth,s.minWidth=s.maxWidth=s.width=a,a=n.width,s.width=r,s.minWidth=i,s.maxWidth=o)),void 0!==a?a+"":a}function $e(e,t){return{get:function(){if(!e())return(this.get=t).apply(this,arguments);delete this.get}}}!function(){function e(){if(l){u.style.cssText="position:absolute;left:-11111px;width:60px;margin-top:1px;padding:0;border:0",l.style.cssText="position:relative;display:block;box-sizing:border-box;overflow:scroll;margin:auto;border:1px;padding:1px;width:60%;top:1%",re.appendChild(u).appendChild(l);var e=C.getComputedStyle(l);n="1%"!==e.top,s=12===t(e.marginLeft),l.style.right="60%",o=36===t(e.right),r=36===t(e.width),l.style.position="absolute",i=12===t(l.offsetWidth/3),re.removeChild(u),l=null}}function t(e){return Math.round(parseFloat(e))}var n,r,i,o,a,s,u=E.createElement("div"),l=E.createElement("div");l.style&&(l.style.backgroundClip="content-box",l.cloneNode(!0).style.backgroundClip="",y.clearCloneStyle="content-box"===l.style.backgroundClip,S.extend(y,{boxSizingReliable:function(){return e(),r},pixelBoxStyles:function(){return e(),o},pixelPosition:function(){return e(),n},reliableMarginLeft:function(){return e(),s},scrollboxSize:function(){return e(),i},reliableTrDimensions:function(){var e,t,n,r;return null==a&&(e=E.createElement("table"),t=E.createElement("tr"),n=E.createElement("div"),e.style.cssText="position:absolute;left:-11111px",t.style.height="1px",n.style.height="9px",re.appendChild(e).appendChild(t).appendChild(n),r=C.getComputedStyle(t),a=3<parseInt(r.height),re.removeChild(e)),a}}))}();var _e=["Webkit","Moz","ms"],ze=E.createElement("div").style,Ue={};function Xe(e){var t=S.cssProps[e]||Ue[e];return t||(e in ze?e:Ue[e]=function(e){var t=e[0].toUpperCase()+e.slice(1),n=_e.length;while(n--)if((e=_e[n]+t)in ze)return e}(e)||e)}var Ve=/^(none|table(?!-c[ea]).+)/,Ge=/^--/,Ye={position:"absolute",visibility:"hidden",display:"block"},Qe={letterSpacing:"0",fontWeight:"400"};function Je(e,t,n){var r=te.exec(t);return r?Math.max(0,r[2]-(n||0))+(r[3]||"px"):t}function Ke(e,t,n,r,i,o){var a="width"===t?1:0,s=0,u=0;if(n===(r?"border":"content"))return 0;for(;a<4;a+=2)"margin"===n&&(u+=S.css(e,n+ne[a],!0,i)),r?("content"===n&&(u-=S.css(e,"padding"+ne[a],!0,i)),"margin"!==n&&(u-=S.css(e,"border"+ne[a]+"Width",!0,i))):(u+=S.css(e,"padding"+ne[a],!0,i),"padding"!==n?u+=S.css(e,"border"+ne[a]+"Width",!0,i):s+=S.css(e,"border"+ne[a]+"Width",!0,i));return!r&&0<=o&&(u+=Math.max(0,Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-o-u-s-.5))||0),u}function Ze(e,t,n){var r=Ie(e),i=(!y.boxSizingReliable()||n)&&"border-box"===S.css(e,"boxSizing",!1,r),o=i,a=Be(e,t,r),s="offset"+t[0].toUpperCase()+t.slice(1);if(Me.test(a)){if(!n)return a;a="auto"}return(!y.boxSizingReliable()&&i||!y.reliableTrDimensions()&&A(e,"tr")||"auto"===a||!parseFloat(a)&&"inline"===S.css(e,"display",!1,r))&&e.getClientRects().length&&(i="border-box"===S.css(e,"boxSizing",!1,r),(o=s in e)&&(a=e[s])),(a=parseFloat(a)||0)+Ke(e,t,n||(i?"border":"content"),o,r,a)+"px"}function et(e,t,n,r,i){return new et.prototype.init(e,t,n,r,i)}S.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=Be(e,"opacity");return""===n?"1":n}}}},cssNumber:{animationIterationCount:!0,columnCount:!0,fillOpacity:!0,flexGrow:!0,flexShrink:!0,fontWeight:!0,gridArea:!0,gridColumn:!0,gridColumnEnd:!0,gridColumnStart:!0,gridRow:!0,gridRowEnd:!0,gridRowStart:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{},style:function(e,t,n,r){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var i,o,a,s=X(t),u=Ge.test(t),l=e.style;if(u||(t=Xe(s)),a=S.cssHooks[t]||S.cssHooks[s],void 0===n)return a&&"get"in a&&void 0!==(i=a.get(e,!1,r))?i:l[t];"string"===(o=typeof n)&&(i=te.exec(n))&&i[1]&&(n=se(e,t,i),o="number"),null!=n&&n==n&&("number"!==o||u||(n+=i&&i[3]||(S.cssNumber[s]?"":"px")),y.clearCloneStyle||""!==n||0!==t.indexOf("background")||(l[t]="inherit"),a&&"set"in a&&void 0===(n=a.set(e,n,r))||(u?l.setProperty(t,n):l[t]=n))}},css:function(e,t,n,r){var i,o,a,s=X(t);return Ge.test(t)||(t=Xe(s)),(a=S.cssHooks[t]||S.cssHooks[s])&&"get"in a&&(i=a.get(e,!0,n)),void 0===i&&(i=Be(e,t,r)),"normal"===i&&t in Qe&&(i=Qe[t]),""===n||n?(o=parseFloat(i),!0===n||isFinite(o)?o||0:i):i}}),S.each(["height","width"],function(e,u){S.cssHooks[u]={get:function(e,t,n){if(t)return!Ve.test(S.css(e,"display"))||e.getClientRects().length&&e.getBoundingClientRect().width?Ze(e,u,n):We(e,Ye,function(){return Ze(e,u,n)})},set:function(e,t,n){var r,i=Ie(e),o=!y.scrollboxSize()&&"absolute"===i.position,a=(o||n)&&"border-box"===S.css(e,"boxSizing",!1,i),s=n?Ke(e,u,n,a,i):0;return a&&o&&(s-=Math.ceil(e["offset"+u[0].toUpperCase()+u.slice(1)]-parseFloat(i[u])-Ke(e,u,"border",!1,i)-.5)),s&&(r=te.exec(t))&&"px"!==(r[3]||"px")&&(e.style[u]=t,t=S.css(e,u)),Je(0,t,s)}}}),S.cssHooks.marginLeft=$e(y.reliableMarginLeft,function(e,t){if(t)return(parseFloat(Be(e,"marginLeft"))||e.getBoundingClientRect().left-We(e,{marginLeft:0},function(){return e.getBoundingClientRect().left}))+"px"}),S.each({margin:"",padding:"",border:"Width"},function(i,o){S.cssHooks[i+o]={expand:function(e){for(var t=0,n={},r="string"==typeof e?e.split(" "):[e];t<4;t++)n[i+ne[t]+o]=r[t]||r[t-2]||r[0];return n}},"margin"!==i&&(S.cssHooks[i+o].set=Je)}),S.fn.extend({css:function(e,t){return $(this,function(e,t,n){var r,i,o={},a=0;if(Array.isArray(t)){for(r=Ie(e),i=t.length;a<i;a++)o[t[a]]=S.css(e,t[a],!1,r);return o}return void 0!==n?S.style(e,t,n):S.css(e,t)},e,t,1<arguments.length)}}),((S.Tween=et).prototype={constructor:et,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||S.easing._default,this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(S.cssNumber[n]?"":"px")},cur:function(){var e=et.propHooks[this.prop];return e&&e.get?e.get(this):et.propHooks._default.get(this)},run:function(e){var t,n=et.propHooks[this.prop];return this.options.duration?this.pos=t=S.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):et.propHooks._default.set(this),this}}).init.prototype=et.prototype,(et.propHooks={_default:{get:function(e){var t;return 1!==e.elem.nodeType||null!=e.elem[e.prop]&&null==e.elem.style[e.prop]?e.elem[e.prop]:(t=S.css(e.elem,e.prop,""))&&"auto"!==t?t:0},set:function(e){S.fx.step[e.prop]?S.fx.step[e.prop](e):1!==e.elem.nodeType||!S.cssHooks[e.prop]&&null==e.elem.style[Xe(e.prop)]?e.elem[e.prop]=e.now:S.style(e.elem,e.prop,e.now+e.unit)}}}).scrollTop=et.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},S.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2},_default:"swing"},S.fx=et.prototype.init,S.fx.step={};var tt,nt,rt,it,ot=/^(?:toggle|show|hide)$/,at=/queueHooks$/;function st(){nt&&(!1===E.hidden&&C.requestAnimationFrame?C.requestAnimationFrame(st):C.setTimeout(st,S.fx.interval),S.fx.tick())}function ut(){return C.setTimeout(function(){tt=void 0}),tt=Date.now()}function lt(e,t){var n,r=0,i={height:e};for(t=t?1:0;r<4;r+=2-t)i["margin"+(n=ne[r])]=i["padding"+n]=e;return t&&(i.opacity=i.width=e),i}function ct(e,t,n){for(var r,i=(ft.tweeners[t]||[]).concat(ft.tweeners["*"]),o=0,a=i.length;o<a;o++)if(r=i[o].call(n,t,e))return r}function ft(o,e,t){var n,a,r=0,i=ft.prefilters.length,s=S.Deferred().always(function(){delete u.elem}),u=function(){if(a)return!1;for(var e=tt||ut(),t=Math.max(0,l.startTime+l.duration-e),n=1-(t/l.duration||0),r=0,i=l.tweens.length;r<i;r++)l.tweens[r].run(n);return s.notifyWith(o,[l,n,t]),n<1&&i?t:(i||s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l]),!1)},l=s.promise({elem:o,props:S.extend({},e),opts:S.extend(!0,{specialEasing:{},easing:S.easing._default},t),originalProperties:e,originalOptions:t,startTime:tt||ut(),duration:t.duration,tweens:[],createTween:function(e,t){var n=S.Tween(o,l.opts,e,t,l.opts.specialEasing[e]||l.opts.easing);return l.tweens.push(n),n},stop:function(e){var t=0,n=e?l.tweens.length:0;if(a)return this;for(a=!0;t<n;t++)l.tweens[t].run(1);return e?(s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l,e])):s.rejectWith(o,[l,e]),this}}),c=l.props;for(!function(e,t){var n,r,i,o,a;for(n in e)if(i=t[r=X(n)],o=e[n],Array.isArray(o)&&(i=o[1],o=e[n]=o[0]),n!==r&&(e[r]=o,delete e[n]),(a=S.cssHooks[r])&&"expand"in a)for(n in o=a.expand(o),delete e[r],o)n in e||(e[n]=o[n],t[n]=i);else t[r]=i}(c,l.opts.specialEasing);r<i;r++)if(n=ft.prefilters[r].call(l,o,c,l.opts))return m(n.stop)&&(S._queueHooks(l.elem,l.opts.queue).stop=n.stop.bind(n)),n;return S.map(c,ct,l),m(l.opts.start)&&l.opts.start.call(o,l),l.progress(l.opts.progress).done(l.opts.done,l.opts.complete).fail(l.opts.fail).always(l.opts.always),S.fx.timer(S.extend(u,{elem:o,anim:l,queue:l.opts.queue})),l}S.Animation=S.extend(ft,{tweeners:{"*":[function(e,t){var n=this.createTween(e,t);return se(n.elem,e,te.exec(t),n),n}]},tweener:function(e,t){m(e)?(t=e,e=["*"]):e=e.match(P);for(var n,r=0,i=e.length;r<i;r++)n=e[r],ft.tweeners[n]=ft.tweeners[n]||[],ft.tweeners[n].unshift(t)},prefilters:[function(e,t,n){var r,i,o,a,s,u,l,c,f="width"in t||"height"in t,p=this,d={},h=e.style,g=e.nodeType&&ae(e),v=Y.get(e,"fxshow");for(r in n.queue||(null==(a=S._queueHooks(e,"fx")).unqueued&&(a.unqueued=0,s=a.empty.fire,a.empty.fire=function(){a.unqueued||s()}),a.unqueued++,p.always(function(){p.always(function(){a.unqueued--,S.queue(e,"fx").length||a.empty.fire()})})),t)if(i=t[r],ot.test(i)){if(delete t[r],o=o||"toggle"===i,i===(g?"hide":"show")){if("show"!==i||!v||void 0===v[r])continue;g=!0}d[r]=v&&v[r]||S.style(e,r)}if((u=!S.isEmptyObject(t))||!S.isEmptyObject(d))for(r in f&&1===e.nodeType&&(n.overflow=[h.overflow,h.overflowX,h.overflowY],null==(l=v&&v.display)&&(l=Y.get(e,"display")),"none"===(c=S.css(e,"display"))&&(l?c=l:(le([e],!0),l=e.style.display||l,c=S.css(e,"display"),le([e]))),("inline"===c||"inline-block"===c&&null!=l)&&"none"===S.css(e,"float")&&(u||(p.done(function(){h.display=l}),null==l&&(c=h.display,l="none"===c?"":c)),h.display="inline-block")),n.overflow&&(h.overflow="hidden",p.always(function(){h.overflow=n.overflow[0],h.overflowX=n.overflow[1],h.overflowY=n.overflow[2]})),u=!1,d)u||(v?"hidden"in v&&(g=v.hidden):v=Y.access(e,"fxshow",{display:l}),o&&(v.hidden=!g),g&&le([e],!0),p.done(function(){for(r in g||le([e]),Y.remove(e,"fxshow"),d)S.style(e,r,d[r])})),u=ct(g?v[r]:0,r,p),r in v||(v[r]=u.start,g&&(u.end=u.start,u.start=0))}],prefilter:function(e,t){t?ft.prefilters.unshift(e):ft.prefilters.push(e)}}),S.speed=function(e,t,n){var r=e&&"object"==typeof e?S.extend({},e):{complete:n||!n&&t||m(e)&&e,duration:e,easing:n&&t||t&&!m(t)&&t};return S.fx.off?r.duration=0:"number"!=typeof r.duration&&(r.duration in S.fx.speeds?r.duration=S.fx.speeds[r.duration]:r.duration=S.fx.speeds._default),null!=r.queue&&!0!==r.queue||(r.queue="fx"),r.old=r.complete,r.complete=function(){m(r.old)&&r.old.call(this),r.queue&&S.dequeue(this,r.queue)},r},S.fn.extend({fadeTo:function(e,t,n,r){return this.filter(ae).css("opacity",0).show().end().animate({opacity:t},e,n,r)},animate:function(t,e,n,r){var i=S.isEmptyObject(t),o=S.speed(e,n,r),a=function(){var e=ft(this,S.extend({},t),o);(i||Y.get(this,"finish"))&&e.stop(!0)};return a.finish=a,i||!1===o.queue?this.each(a):this.queue(o.queue,a)},stop:function(i,e,o){var a=function(e){var t=e.stop;delete e.stop,t(o)};return"string"!=typeof i&&(o=e,e=i,i=void 0),e&&this.queue(i||"fx",[]),this.each(function(){var e=!0,t=null!=i&&i+"queueHooks",n=S.timers,r=Y.get(this);if(t)r[t]&&r[t].stop&&a(r[t]);else for(t in r)r[t]&&r[t].stop&&at.test(t)&&a(r[t]);for(t=n.length;t--;)n[t].elem!==this||null!=i&&n[t].queue!==i||(n[t].anim.stop(o),e=!1,n.splice(t,1));!e&&o||S.dequeue(this,i)})},finish:function(a){return!1!==a&&(a=a||"fx"),this.each(function(){var e,t=Y.get(this),n=t[a+"queue"],r=t[a+"queueHooks"],i=S.timers,o=n?n.length:0;for(t.finish=!0,S.queue(this,a,[]),r&&r.stop&&r.stop.call(this,!0),e=i.length;e--;)i[e].elem===this&&i[e].queue===a&&(i[e].anim.stop(!0),i.splice(e,1));for(e=0;e<o;e++)n[e]&&n[e].finish&&n[e].finish.call(this);delete t.finish})}}),S.each(["toggle","show","hide"],function(e,r){var i=S.fn[r];S.fn[r]=function(e,t,n){return null==e||"boolean"==typeof e?i.apply(this,arguments):this.animate(lt(r,!0),e,t,n)}}),S.each({slideDown:lt("show"),slideUp:lt("hide"),slideToggle:lt("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(e,r){S.fn[e]=function(e,t,n){return this.animate(r,e,t,n)}}),S.timers=[],S.fx.tick=function(){var e,t=0,n=S.timers;for(tt=Date.now();t<n.length;t++)(e=n[t])()||n[t]!==e||n.splice(t--,1);n.length||S.fx.stop(),tt=void 0},S.fx.timer=function(e){S.timers.push(e),S.fx.start()},S.fx.interval=13,S.fx.start=function(){nt||(nt=!0,st())},S.fx.stop=function(){nt=null},S.fx.speeds={slow:600,fast:200,_default:400},S.fn.delay=function(r,e){return r=S.fx&&S.fx.speeds[r]||r,e=e||"fx",this.queue(e,function(e,t){var n=C.setTimeout(e,r);t.stop=function(){C.clearTimeout(n)}})},rt=E.createElement("input"),it=E.createElement("select").appendChild(E.createElement("option")),rt.type="checkbox",y.checkOn=""!==rt.value,y.optSelected=it.selected,(rt=E.createElement("input")).value="t",rt.type="radio",y.radioValue="t"===rt.value;var pt,dt=S.expr.attrHandle;S.fn.extend({attr:function(e,t){return $(this,S.attr,e,t,1<arguments.length)},removeAttr:function(e){return this.each(function(){S.removeAttr(this,e)})}}),S.extend({attr:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return"undefined"==typeof e.getAttribute?S.prop(e,t,n):(1===o&&S.isXMLDoc(e)||(i=S.attrHooks[t.toLowerCase()]||(S.expr.match.bool.test(t)?pt:void 0)),void 0!==n?null===n?void S.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):i&&"get"in i&&null!==(r=i.get(e,t))?r:null==(r=S.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){if(!y.radioValue&&"radio"===t&&A(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},removeAttr:function(e,t){var n,r=0,i=t&&t.match(P);if(i&&1===e.nodeType)while(n=i[r++])e.removeAttribute(n)}}),pt={set:function(e,t,n){return!1===t?S.removeAttr(e,n):e.setAttribute(n,n),n}},S.each(S.expr.match.bool.source.match(/\w+/g),function(e,t){var a=dt[t]||S.find.attr;dt[t]=function(e,t,n){var r,i,o=t.toLowerCase();return n||(i=dt[o],dt[o]=r,r=null!=a(e,t,n)?o:null,dt[o]=i),r}});var ht=/^(?:input|select|textarea|button)$/i,gt=/^(?:a|area)$/i;function vt(e){return(e.match(P)||[]).join(" ")}function yt(e){return e.getAttribute&&e.getAttribute("class")||""}function mt(e){return Array.isArray(e)?e:"string"==typeof e&&e.match(P)||[]}S.fn.extend({prop:function(e,t){return $(this,S.prop,e,t,1<arguments.length)},removeProp:function(e){return this.each(function(){delete this[S.propFix[e]||e]})}}),S.extend({prop:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return 1===o&&S.isXMLDoc(e)||(t=S.propFix[t]||t,i=S.propHooks[t]),void 0!==n?i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:e[t]=n:i&&"get"in i&&null!==(r=i.get(e,t))?r:e[t]},propHooks:{tabIndex:{get:function(e){var t=S.find.attr(e,"tabindex");return t?parseInt(t,10):ht.test(e.nodeName)||gt.test(e.nodeName)&&e.href?0:-1}}},propFix:{"for":"htmlFor","class":"className"}}),y.optSelected||(S.propHooks.selected={get:function(e){var t=e.parentNode;return t&&t.parentNode&&t.parentNode.selectedIndex,null},set:function(e){var t=e.parentNode;t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex)}}),S.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){S.propFix[this.toLowerCase()]=this}),S.fn.extend({addClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){S(this).addClass(t.call(this,e,yt(this)))});if((e=mt(t)).length)while(n=this[u++])if(i=yt(n),r=1===n.nodeType&&" "+vt(i)+" "){a=0;while(o=e[a++])r.indexOf(" "+o+" ")<0&&(r+=o+" ");i!==(s=vt(r))&&n.setAttribute("class",s)}return this},removeClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){S(this).removeClass(t.call(this,e,yt(this)))});if(!arguments.length)return this.attr("class","");if((e=mt(t)).length)while(n=this[u++])if(i=yt(n),r=1===n.nodeType&&" "+vt(i)+" "){a=0;while(o=e[a++])while(-1<r.indexOf(" "+o+" "))r=r.replace(" "+o+" "," ");i!==(s=vt(r))&&n.setAttribute("class",s)}return this},toggleClass:function(i,t){var o=typeof i,a="string"===o||Array.isArray(i);return"boolean"==typeof t&&a?t?this.addClass(i):this.removeClass(i):m(i)?this.each(function(e){S(this).toggleClass(i.call(this,e,yt(this),t),t)}):this.each(function(){var e,t,n,r;if(a){t=0,n=S(this),r=mt(i);while(e=r[t++])n.hasClass(e)?n.removeClass(e):n.addClass(e)}else void 0!==i&&"boolean"!==o||((e=yt(this))&&Y.set(this,"__className__",e),this.setAttribute&&this.setAttribute("class",e||!1===i?"":Y.get(this,"__className__")||""))})},hasClass:function(e){var t,n,r=0;t=" "+e+" ";while(n=this[r++])if(1===n.nodeType&&-1<(" "+vt(yt(n))+" ").indexOf(t))return!0;return!1}});var xt=/\r/g;S.fn.extend({val:function(n){var r,e,i,t=this[0];return arguments.length?(i=m(n),this.each(function(e){var t;1===this.nodeType&&(null==(t=i?n.call(this,e,S(this).val()):n)?t="":"number"==typeof t?t+="":Array.isArray(t)&&(t=S.map(t,function(e){return null==e?"":e+""})),(r=S.valHooks[this.type]||S.valHooks[this.nodeName.toLowerCase()])&&"set"in r&&void 0!==r.set(this,t,"value")||(this.value=t))})):t?(r=S.valHooks[t.type]||S.valHooks[t.nodeName.toLowerCase()])&&"get"in r&&void 0!==(e=r.get(t,"value"))?e:"string"==typeof(e=t.value)?e.replace(xt,""):null==e?"":e:void 0}}),S.extend({valHooks:{option:{get:function(e){var t=S.find.attr(e,"value");return null!=t?t:vt(S.text(e))}},select:{get:function(e){var t,n,r,i=e.options,o=e.selectedIndex,a="select-one"===e.type,s=a?null:[],u=a?o+1:i.length;for(r=o<0?u:a?o:0;r<u;r++)if(((n=i[r]).selected||r===o)&&!n.disabled&&(!n.parentNode.disabled||!A(n.parentNode,"optgroup"))){if(t=S(n).val(),a)return t;s.push(t)}return s},set:function(e,t){var n,r,i=e.options,o=S.makeArray(t),a=i.length;while(a--)((r=i[a]).selected=-1<S.inArray(S.valHooks.option.get(r),o))&&(n=!0);return n||(e.selectedIndex=-1),o}}}}),S.each(["radio","checkbox"],function(){S.valHooks[this]={set:function(e,t){if(Array.isArray(t))return e.checked=-1<S.inArray(S(e).val(),t)}},y.checkOn||(S.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})}),y.focusin="onfocusin"in C;var bt=/^(?:focusinfocus|focusoutblur)$/,wt=function(e){e.stopPropagation()};S.extend(S.event,{trigger:function(e,t,n,r){var i,o,a,s,u,l,c,f,p=[n||E],d=v.call(e,"type")?e.type:e,h=v.call(e,"namespace")?e.namespace.split("."):[];if(o=f=a=n=n||E,3!==n.nodeType&&8!==n.nodeType&&!bt.test(d+S.event.triggered)&&(-1<d.indexOf(".")&&(d=(h=d.split(".")).shift(),h.sort()),u=d.indexOf(":")<0&&"on"+d,(e=e[S.expando]?e:new S.Event(d,"object"==typeof e&&e)).isTrigger=r?2:3,e.namespace=h.join("."),e.rnamespace=e.namespace?new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,e.result=void 0,e.target||(e.target=n),t=null==t?[e]:S.makeArray(t,[e]),c=S.event.special[d]||{},r||!c.trigger||!1!==c.trigger.apply(n,t))){if(!r&&!c.noBubble&&!x(n)){for(s=c.delegateType||d,bt.test(s+d)||(o=o.parentNode);o;o=o.parentNode)p.push(o),a=o;a===(n.ownerDocument||E)&&p.push(a.defaultView||a.parentWindow||C)}i=0;while((o=p[i++])&&!e.isPropagationStopped())f=o,e.type=1<i?s:c.bindType||d,(l=(Y.get(o,"events")||Object.create(null))[e.type]&&Y.get(o,"handle"))&&l.apply(o,t),(l=u&&o[u])&&l.apply&&V(o)&&(e.result=l.apply(o,t),!1===e.result&&e.preventDefault());return e.type=d,r||e.isDefaultPrevented()||c._default&&!1!==c._default.apply(p.pop(),t)||!V(n)||u&&m(n[d])&&!x(n)&&((a=n[u])&&(n[u]=null),S.event.triggered=d,e.isPropagationStopped()&&f.addEventListener(d,wt),n[d](),e.isPropagationStopped()&&f.removeEventListener(d,wt),S.event.triggered=void 0,a&&(n[u]=a)),e.result}},simulate:function(e,t,n){var r=S.extend(new S.Event,n,{type:e,isSimulated:!0});S.event.trigger(r,null,t)}}),S.fn.extend({trigger:function(e,t){return this.each(function(){S.event.trigger(e,t,this)})},triggerHandler:function(e,t){var n=this[0];if(n)return S.event.trigger(e,t,n,!0)}}),y.focusin||S.each({focus:"focusin",blur:"focusout"},function(n,r){var i=function(e){S.event.simulate(r,e.target,S.event.fix(e))};S.event.special[r]={setup:function(){var e=this.ownerDocument||this.document||this,t=Y.access(e,r);t||e.addEventListener(n,i,!0),Y.access(e,r,(t||0)+1)},teardown:function(){var e=this.ownerDocument||this.document||this,t=Y.access(e,r)-1;t?Y.access(e,r,t):(e.removeEventListener(n,i,!0),Y.remove(e,r))}}});var Tt=C.location,Ct={guid:Date.now()},Et=/\?/;S.parseXML=function(e){var t;if(!e||"string"!=typeof e)return null;try{t=(new C.DOMParser).parseFromString(e,"text/xml")}catch(e){t=void 0}return t&&!t.getElementsByTagName("parsererror").length||S.error("Invalid XML: "+e),t};var St=/\[\]$/,kt=/\r?\n/g,At=/^(?:submit|button|image|reset|file)$/i,Nt=/^(?:input|select|textarea|keygen)/i;function Dt(n,e,r,i){var t;if(Array.isArray(e))S.each(e,function(e,t){r||St.test(n)?i(n,t):Dt(n+"["+("object"==typeof t&&null!=t?e:"")+"]",t,r,i)});else if(r||"object"!==w(e))i(n,e);else for(t in e)Dt(n+"["+t+"]",e[t],r,i)}S.param=function(e,t){var n,r=[],i=function(e,t){var n=m(t)?t():t;r[r.length]=encodeURIComponent(e)+"="+encodeURIComponent(null==n?"":n)};if(null==e)return"";if(Array.isArray(e)||e.jquery&&!S.isPlainObject(e))S.each(e,function(){i(this.name,this.value)});else for(n in e)Dt(n,e[n],t,i);return r.join("&")},S.fn.extend({serialize:function(){return S.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var e=S.prop(this,"elements");return e?S.makeArray(e):this}).filter(function(){var e=this.type;return this.name&&!S(this).is(":disabled")&&Nt.test(this.nodeName)&&!At.test(e)&&(this.checked||!pe.test(e))}).map(function(e,t){var n=S(this).val();return null==n?null:Array.isArray(n)?S.map(n,function(e){return{name:t.name,value:e.replace(kt,"\r\n")}}):{name:t.name,value:n.replace(kt,"\r\n")}}).get()}});var jt=/%20/g,qt=/#.*$/,Lt=/([?&])_=[^&]*/,Ht=/^(.*?):[ \t]*([^\r\n]*)$/gm,Ot=/^(?:GET|HEAD)$/,Pt=/^\/\//,Rt={},Mt={},It="*/".concat("*"),Wt=E.createElement("a");function Ft(o){return function(e,t){"string"!=typeof e&&(t=e,e="*");var n,r=0,i=e.toLowerCase().match(P)||[];if(m(t))while(n=i[r++])"+"===n[0]?(n=n.slice(1)||"*",(o[n]=o[n]||[]).unshift(t)):(o[n]=o[n]||[]).push(t)}}function Bt(t,i,o,a){var s={},u=t===Mt;function l(e){var r;return s[e]=!0,S.each(t[e]||[],function(e,t){var n=t(i,o,a);return"string"!=typeof n||u||s[n]?u?!(r=n):void 0:(i.dataTypes.unshift(n),l(n),!1)}),r}return l(i.dataTypes[0])||!s["*"]&&l("*")}function $t(e,t){var n,r,i=S.ajaxSettings.flatOptions||{};for(n in t)void 0!==t[n]&&((i[n]?e:r||(r={}))[n]=t[n]);return r&&S.extend(!0,e,r),e}Wt.href=Tt.href,S.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:Tt.href,type:"GET",isLocal:/^(?:about|app|app-storage|.+-extension|file|res|widget):$/.test(Tt.protocol),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":It,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/\bxml\b/,html:/\bhtml/,json:/\bjson\b/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":JSON.parse,"text xml":S.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?$t($t(e,S.ajaxSettings),t):$t(S.ajaxSettings,e)},ajaxPrefilter:Ft(Rt),ajaxTransport:Ft(Mt),ajax:function(e,t){"object"==typeof e&&(t=e,e=void 0),t=t||{};var c,f,p,n,d,r,h,g,i,o,v=S.ajaxSetup({},t),y=v.context||v,m=v.context&&(y.nodeType||y.jquery)?S(y):S.event,x=S.Deferred(),b=S.Callbacks("once memory"),w=v.statusCode||{},a={},s={},u="canceled",T={readyState:0,getResponseHeader:function(e){var t;if(h){if(!n){n={};while(t=Ht.exec(p))n[t[1].toLowerCase()+" "]=(n[t[1].toLowerCase()+" "]||[]).concat(t[2])}t=n[e.toLowerCase()+" "]}return null==t?null:t.join(", ")},getAllResponseHeaders:function(){return h?p:null},setRequestHeader:function(e,t){return null==h&&(e=s[e.toLowerCase()]=s[e.toLowerCase()]||e,a[e]=t),this},overrideMimeType:function(e){return null==h&&(v.mimeType=e),this},statusCode:function(e){var t;if(e)if(h)T.always(e[T.status]);else for(t in e)w[t]=[w[t],e[t]];return this},abort:function(e){var t=e||u;return c&&c.abort(t),l(0,t),this}};if(x.promise(T),v.url=((e||v.url||Tt.href)+"").replace(Pt,Tt.protocol+"//"),v.type=t.method||t.type||v.method||v.type,v.dataTypes=(v.dataType||"*").toLowerCase().match(P)||[""],null==v.crossDomain){r=E.createElement("a");try{r.href=v.url,r.href=r.href,v.crossDomain=Wt.protocol+"//"+Wt.host!=r.protocol+"//"+r.host}catch(e){v.crossDomain=!0}}if(v.data&&v.processData&&"string"!=typeof v.data&&(v.data=S.param(v.data,v.traditional)),Bt(Rt,v,t,T),h)return T;for(i in(g=S.event&&v.global)&&0==S.active++&&S.event.trigger("ajaxStart"),v.type=v.type.toUpperCase(),v.hasContent=!Ot.test(v.type),f=v.url.replace(qt,""),v.hasContent?v.data&&v.processData&&0===(v.contentType||"").indexOf("application/x-www-form-urlencoded")&&(v.data=v.data.replace(jt,"+")):(o=v.url.slice(f.length),v.data&&(v.processData||"string"==typeof v.data)&&(f+=(Et.test(f)?"&":"?")+v.data,delete v.data),!1===v.cache&&(f=f.replace(Lt,"$1"),o=(Et.test(f)?"&":"?")+"_="+Ct.guid+++o),v.url=f+o),v.ifModified&&(S.lastModified[f]&&T.setRequestHeader("If-Modified-Since",S.lastModified[f]),S.etag[f]&&T.setRequestHeader("If-None-Match",S.etag[f])),(v.data&&v.hasContent&&!1!==v.contentType||t.contentType)&&T.setRequestHeader("Content-Type",v.contentType),T.setRequestHeader("Accept",v.dataTypes[0]&&v.accepts[v.dataTypes[0]]?v.accepts[v.dataTypes[0]]+("*"!==v.dataTypes[0]?", "+It+"; q=0.01":""):v.accepts["*"]),v.headers)T.setRequestHeader(i,v.headers[i]);if(v.beforeSend&&(!1===v.beforeSend.call(y,T,v)||h))return T.abort();if(u="abort",b.add(v.complete),T.done(v.success),T.fail(v.error),c=Bt(Mt,v,t,T)){if(T.readyState=1,g&&m.trigger("ajaxSend",[T,v]),h)return T;v.async&&0<v.timeout&&(d=C.setTimeout(function(){T.abort("timeout")},v.timeout));try{h=!1,c.send(a,l)}catch(e){if(h)throw e;l(-1,e)}}else l(-1,"No Transport");function l(e,t,n,r){var i,o,a,s,u,l=t;h||(h=!0,d&&C.clearTimeout(d),c=void 0,p=r||"",T.readyState=0<e?4:0,i=200<=e&&e<300||304===e,n&&(s=function(e,t,n){var r,i,o,a,s=e.contents,u=e.dataTypes;while("*"===u[0])u.shift(),void 0===r&&(r=e.mimeType||t.getResponseHeader("Content-Type"));if(r)for(i in s)if(s[i]&&s[i].test(r)){u.unshift(i);break}if(u[0]in n)o=u[0];else{for(i in n){if(!u[0]||e.converters[i+" "+u[0]]){o=i;break}a||(a=i)}o=o||a}if(o)return o!==u[0]&&u.unshift(o),n[o]}(v,T,n)),!i&&-1<S.inArray("script",v.dataTypes)&&(v.converters["text script"]=function(){}),s=function(e,t,n,r){var i,o,a,s,u,l={},c=e.dataTypes.slice();if(c[1])for(a in e.converters)l[a.toLowerCase()]=e.converters[a];o=c.shift();while(o)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!u&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),u=o,o=c.shift())if("*"===o)o=u;else if("*"!==u&&u!==o){if(!(a=l[u+" "+o]||l["* "+o]))for(i in l)if((s=i.split(" "))[1]===o&&(a=l[u+" "+s[0]]||l["* "+s[0]])){!0===a?a=l[i]:!0!==l[i]&&(o=s[0],c.unshift(s[1]));break}if(!0!==a)if(a&&e["throws"])t=a(t);else try{t=a(t)}catch(e){return{state:"parsererror",error:a?e:"No conversion from "+u+" to "+o}}}return{state:"success",data:t}}(v,s,T,i),i?(v.ifModified&&((u=T.getResponseHeader("Last-Modified"))&&(S.lastModified[f]=u),(u=T.getResponseHeader("etag"))&&(S.etag[f]=u)),204===e||"HEAD"===v.type?l="nocontent":304===e?l="notmodified":(l=s.state,o=s.data,i=!(a=s.error))):(a=l,!e&&l||(l="error",e<0&&(e=0))),T.status=e,T.statusText=(t||l)+"",i?x.resolveWith(y,[o,l,T]):x.rejectWith(y,[T,l,a]),T.statusCode(w),w=void 0,g&&m.trigger(i?"ajaxSuccess":"ajaxError",[T,v,i?o:a]),b.fireWith(y,[T,l]),g&&(m.trigger("ajaxComplete",[T,v]),--S.active||S.event.trigger("ajaxStop")))}return T},getJSON:function(e,t,n){return S.get(e,t,n,"json")},getScript:function(e,t){return S.get(e,void 0,t,"script")}}),S.each(["get","post"],function(e,i){S[i]=function(e,t,n,r){return m(t)&&(r=r||n,n=t,t=void 0),S.ajax(S.extend({url:e,type:i,dataType:r,data:t,success:n},S.isPlainObject(e)&&e))}}),S.ajaxPrefilter(function(e){var t;for(t in e.headers)"content-type"===t.toLowerCase()&&(e.contentType=e.headers[t]||"")}),S._evalUrl=function(e,t,n){return S.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,converters:{"text script":function(){}},dataFilter:function(e){S.globalEval(e,t,n)}})},S.fn.extend({wrapAll:function(e){var t;return this[0]&&(m(e)&&(e=e.call(this[0])),t=S(e,this[0].ownerDocument).eq(0).clone(!0),this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstElementChild)e=e.firstElementChild;return e}).append(this)),this},wrapInner:function(n){return m(n)?this.each(function(e){S(this).wrapInner(n.call(this,e))}):this.each(function(){var e=S(this),t=e.contents();t.length?t.wrapAll(n):e.append(n)})},wrap:function(t){var n=m(t);return this.each(function(e){S(this).wrapAll(n?t.call(this,e):t)})},unwrap:function(e){return this.parent(e).not("body").each(function(){S(this).replaceWith(this.childNodes)}),this}}),S.expr.pseudos.hidden=function(e){return!S.expr.pseudos.visible(e)},S.expr.pseudos.visible=function(e){return!!(e.offsetWidth||e.offsetHeight||e.getClientRects().length)},S.ajaxSettings.xhr=function(){try{return new C.XMLHttpRequest}catch(e){}};var _t={0:200,1223:204},zt=S.ajaxSettings.xhr();y.cors=!!zt&&"withCredentials"in zt,y.ajax=zt=!!zt,S.ajaxTransport(function(i){var o,a;if(y.cors||zt&&!i.crossDomain)return{send:function(e,t){var n,r=i.xhr();if(r.open(i.type,i.url,i.async,i.username,i.password),i.xhrFields)for(n in i.xhrFields)r[n]=i.xhrFields[n];for(n in i.mimeType&&r.overrideMimeType&&r.overrideMimeType(i.mimeType),i.crossDomain||e["X-Requested-With"]||(e["X-Requested-With"]="XMLHttpRequest"),e)r.setRequestHeader(n,e[n]);o=function(e){return function(){o&&(o=a=r.onload=r.onerror=r.onabort=r.ontimeout=r.onreadystatechange=null,"abort"===e?r.abort():"error"===e?"number"!=typeof r.status?t(0,"error"):t(r.status,r.statusText):t(_t[r.status]||r.status,r.statusText,"text"!==(r.responseType||"text")||"string"!=typeof r.responseText?{binary:r.response}:{text:r.responseText},r.getAllResponseHeaders()))}},r.onload=o(),a=r.onerror=r.ontimeout=o("error"),void 0!==r.onabort?r.onabort=a:r.onreadystatechange=function(){4===r.readyState&&C.setTimeout(function(){o&&a()})},o=o("abort");try{r.send(i.hasContent&&i.data||null)}catch(e){if(o)throw e}},abort:function(){o&&o()}}}),S.ajaxPrefilter(function(e){e.crossDomain&&(e.contents.script=!1)}),S.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/\b(?:java|ecma)script\b/},converters:{"text script":function(e){return S.globalEval(e),e}}}),S.ajaxPrefilter("script",function(e){void 0===e.cache&&(e.cache=!1),e.crossDomain&&(e.type="GET")}),S.ajaxTransport("script",function(n){var r,i;if(n.crossDomain||n.scriptAttrs)return{send:function(e,t){r=S("<script>").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),E.head.appendChild(r[0])},abort:function(){i&&i()}}});var Ut,Xt=[],Vt=/(=)\?(?=&|$)|\?\?/;S.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Xt.pop()||S.expando+"_"+Ct.guid++;return this[e]=!0,e}}),S.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Vt.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Vt.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=m(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Vt,"$1"+r):!1!==e.jsonp&&(e.url+=(Et.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||S.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=C[r],C[r]=function(){o=arguments},n.always(function(){void 0===i?S(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,Xt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),y.createHTMLDocument=((Ut=E.implementation.createHTMLDocument("").body).innerHTML="<form></form><form></form>",2===Ut.childNodes.length),S.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(y.createHTMLDocument?((r=(t=E.implementation.createHTMLDocument("")).createElement("base")).href=E.location.href,t.head.appendChild(r)):t=E),o=!n&&[],(i=N.exec(e))?[t.createElement(i[1])]:(i=xe([e],t,o),o&&o.length&&S(o).remove(),S.merge([],i.childNodes)));var r,i,o},S.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1<s&&(r=vt(e.slice(s)),e=e.slice(0,s)),m(t)?(n=t,t=void 0):t&&"object"==typeof t&&(i="POST"),0<a.length&&S.ajax({url:e,type:i||"GET",dataType:"html",data:t}).done(function(e){o=arguments,a.html(r?S("<div>").append(S.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},S.expr.pseudos.animated=function(t){return S.grep(S.timers,function(e){return t===e.elem}).length},S.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=S.css(e,"position"),c=S(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=S.css(e,"top"),u=S.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,S.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):("number"==typeof f.top&&(f.top+="px"),"number"==typeof f.left&&(f.left+="px"),c.css(f))}},S.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){S.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===S.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===S.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=S(e).offset()).top+=S.css(e,"borderTopWidth",!0),i.left+=S.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-S.css(r,"marginTop",!0),left:t.left-i.left-S.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===S.css(e,"position"))e=e.offsetParent;return e||re})}}),S.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;S.fn[t]=function(e){return $(this,function(e,t,n){var r;if(x(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),S.each(["top","left"],function(e,n){S.cssHooks[n]=$e(y.pixelPosition,function(e,t){if(t)return t=Be(e,n),Me.test(t)?S(e).position()[n]+"px":t})}),S.each({Height:"height",Width:"width"},function(a,s){S.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){S.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return $(this,function(e,t,n){var r;return x(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?S.css(e,t,i):S.style(e,t,n,i)},s,n?e:void 0,n)}})}),S.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){S.fn[t]=function(e){return this.on(t,e)}}),S.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)},hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)}}),S.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){S.fn[n]=function(e,t){return 0<arguments.length?this.on(n,null,e,t):this.trigger(n)}});var Gt=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g;S.proxy=function(e,t){var n,r,i;if("string"==typeof t&&(n=e[t],t=e,e=n),m(e))return r=s.call(arguments,2),(i=function(){return e.apply(t||this,r.concat(s.call(arguments)))}).guid=e.guid=e.guid||S.guid++,i},S.holdReady=function(e){e?S.readyWait++:S.ready(!0)},S.isArray=Array.isArray,S.parseJSON=JSON.parse,S.nodeName=A,S.isFunction=m,S.isWindow=x,S.camelCase=X,S.type=w,S.now=Date.now,S.isNumeric=function(e){var t=S.type(e);return("number"===t||"string"===t)&&!isNaN(e-parseFloat(e))},S.trim=function(e){return null==e?"":(e+"").replace(Gt,"")},"function"==typeof define&&define.amd&&define("jquery",[],function(){return S});var Yt=C.jQuery,Qt=C.$;return S.noConflict=function(e){return C.$===S&&(C.$=Qt),e&&C.jQuery===S&&(C.jQuery=Yt),S},"undefined"==typeof e&&(C.jQuery=C.$=S),S});
        </script>
        <script type="text/javascript">
            /*! jQuery Stupid Table Plugin by Joseph McCullough | https://github.com/joequery/Stupid-Table-Plugin/blob/master/LICENSE */
            (function(e){e.fn.stupidtable=function(j){return this.each(function(){var d=e(this);j=j||{};j=e.extend({},{"int":function(b,a){return parseInt(b,10)-parseInt(a,10)},"float":function(b,a){return parseFloat(b)-parseFloat(a)},string:function(b,a){return b<a?-1:b>a?1:0},"string-ins":function(b,a){b=b.toLowerCase();a=a.toLowerCase();return b<a?-1:b>a?1:0}},j);d.on("click","th",function(){var b=d.children("tbody").children("tr"),a=e(this),k=0,n=e.fn.stupidtable.dir;d.find("th").slice(0,a.index()).each(function(){var a=e(this).attr("colspan")||1;k+=parseInt(a,10)});var m=a.data("sort-dir")===n.ASC?n.DESC:n.ASC,p=m==n.DESC?a.data("sort-desc")||a.data("sort")||null:a.data("sort")||null;null!==p&&(d.trigger("beforetablesort",{column:k,direction:m}),d.css("display"),setTimeout(function(){var l=[],c=j[p];b.each(function(a,b){var c=e(b).children().eq(k),d=c.data("sort-value"),c="undefined"!==typeof d?d:c.text();l.push(c)});var f=[],g=0;if(a.data("sort-dir")&&!a.data("sort-desc"))for(c=l.length-1;0<=c;c--)f.push(c);else for(var h=l.slice(0).sort(c),c=0;c<l.length;c++){for(g=e.inArray(l[c],h);-1!=e.inArray(g,f);)g++;f.push(g)}d.find("th").data("sort-dir",null).removeClass("sorting-desc sorting-asc");a.data("sort-dir",m).addClass("sorting-"+m);g=b.slice(0);for(h=c=0;h<f.length;h++)c=f[h],g[c]=b[h];f=e(g);d.children("tbody").append(f);d.trigger("aftertablesort",{column:k,direction:m});d.css("display")},10))})})};e.fn.stupidtable.dir={ASC:"asc",DESC:"desc"}})(jQuery);
        </script>
        <script type="text/javascript">
            $(document).ready(function() {
                function toggleExpandable(h, animate) {
                    var content = "#content" + h.id.substr(6);
                    var header = "#" + h.id;

                    if (animate) {
                        $(content).slideToggle("fast");
                    } else {
                        $(content).toggle();
                    }

                    var exprx = /expandable\b/;
                    if (exprx.exec($(header).attr("class"))) {
                        $(header).addClass("collapsed");
                        $(header).removeClass("expandable");
                    } else {
                        $(header).addClass("expandable");
                        $(header).removeClass("collapsed");
                    }
                    var essrx = /expandablesubsection/;
                    var cssrx = /collaspablesubsection/;
                    if (essrx.exec($(header).attr("class"))) {
                        $(header).addClass("collaspablesubsection");
                        $(header).removeClass("expandablesubsection");
                    } else if (cssrx.exec($(header).attr("class"))) {
                        $(header).addClass("expandablesubsection");
                        $(header).removeClass("collaspablesubsection");
                    }
                }

                $(".expandable, .collapsed").click(function (event) {
                    e = event || window.event;
                    var h = e.target || e.srcElement;
                    toggleExpandable(h, true);
                    return false;
                });

                const suppressedVulnerabilitiesLink = $('#suppressed-vulnerabilities-link');
                suppressedVulnerabilitiesLink.click(function (event) {
                    // Expand header, if currently collapsed
                    const header = $('#header-suppressed.expandable').get(0);
                    if (header !== undefined) {
                        toggleExpandable(header, false);
                    }

                    // Let browser perform default link click handling, i.e. scroll to header
                    return true;
                });


                var table = $("#summaryTable").stupidtable();
                table.bind('aftertablesort', function (event, data) {
                    var th = $(this).find('th');
                    th.find(".arrow").remove();
                    var arrow = data.direction === 'asc' ? '↑' : '↓';
                    th.eq(data.column).append('<span class="arrow">' + arrow +'</span>');
                });
            });

            $(function(){
                $('#modal-background, #modal-close').click(function () {
                    $('#modal-content,#modal-background').toggleClass('active');
                });
                $('#modal-text').bind('copy cut', function() {
                    setTimeout('$("#modal-content,#modal-background").toggleClass("active");',100);
                });
                $('#modal-text').keyup(function(e){
                    if(e.keyCode === 27) {
                        setTimeout('$("#modal-content,#modal-background").toggleClass("active");',100);
                    }
                });
                $('#modal-add-header').click(function () {
                    xml = '<?xml version="1.0" encoding="UTF-8"?>\n<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">\n   ';
                    xml += $("#modal-text").text().replace(/\n/g,'\n   ');
                    xml += '\n</suppressions>';
                    $('#modal-add-header').toggleClass('active');
                    $('#modal-text').text(xml).focus().select();
                });
            });
            function suppressSwitchTo(switchTo) {
                $('#modal-suppress-change-to-sha1').toggleClass('active');
                $('#modal-suppress-change-to-packageUrl').toggleClass('active');
                if (!$('#modal-add-header').hasClass('active')) {
                    $('#modal-add-header').toggleClass('active');
                }
                setCopyText($('#suppress-name').val(),
                            switchTo,
                            $('#suppress-'+switchTo).val(), 
                            $('#suppress-type').val(), 
                            $('#suppress-val').val());
            }
            function copyText(name, sha1, packageUrl, type, val) {
                $('#suppress-name').val(name);
                $('#suppress-type').val(type);
                $('#suppress-val').val(val);
                $('#suppress-sha1').val(sha1);
                $('#suppress-packageUrl').val(packageUrl);
                if (packageUrl=='') {
                    if ($('#modal-suppress-change-to-packageUrl').hasClass('active')) {
                        $('#modal-suppress-change-to-packageUrl').toggleClass('active');
                    }
                    if ($('#modal-suppress-change-to-sha1').hasClass('active')) {
                        $('#modal-suppress-change-to-sha1').toggleClass('active');
                    }
                    setCopyText(name, 'sha1', sha1, type, val);
                } else {
                    if ($('#modal-suppress-change-to-packageUrl').hasClass('active')) {
                        $('#modal-suppress-change-to-packageUrl').toggleClass('active');
                    }
                    if (!$('#modal-suppress-change-to-sha1').hasClass('active')) {
                        $('#modal-suppress-change-to-sha1').toggleClass('active');
                    }
                    setCopyText(name, 'packageUrl', packageUrl, type, val);
                }
            }
            function escapeRegExp(text) {
              return text.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&');
            }
            function setCopyText(name, matchType, matchValue, suppressType, suppressVal) {
                xml =  '<suppress>\n';
                xml += '   <notes><!'+'[CDATA[\n   file name: ' + name + '\n   ]]'+'></notes>\n';
                if (matchType=='packageUrl') {
                    v = matchValue.match(/^[^@]+/);
                    if (v && v[0]) {
                        xml += '   <'+matchType+' regex="true">^' + escapeRegExp(v[0]) + '@.*$</'+matchType+'>\n';
                    } else {
                        xml += '   <'+matchType+'>' + matchValue + '</'+matchType+'>\n';
                    }
                } else {
                    xml += '   <'+matchType+'>' + matchValue + '</'+matchType+'>\n';
                }
                if (suppressType=='cpe') {
                    v = suppressVal.match(/^cpe:\/a:[^:]+:[^:]+/);
                    if (v && v[0]) {
                        xml += '   <'+suppressType+'>' + v[0] + '</'+suppressType+'>\n';
                    } else {
                        xml += '   <'+suppressType+'>' + suppressVal + '</'+suppressType+'>\n';
                    }
                } else {
                    xml += '   <'+suppressType+'>' + suppressVal + '</'+suppressType+'>\n';
                }
                xml += '</suppress>';
                $('#modal-text').text(xml);
                $('#modal-content,#modal-background,#modal-add-header').addClass('active');
                $('#modal-text').focus();
                $('#modal-text').select();
            }
            function toggleDisplay(el, clzName, all, some) {
                $(clzName).toggle();
                if (el.innerHTML == all) {
                    el.innerHTML = some;
                } else {
                    el.innerHTML = all;
                }
                return false;
            }

        $( document ).ready(function() {
          $( "#modal-suppress-change-to-packageUrl" ).bind( "click", function( event ) {
            suppressSwitchTo('packageUrl')
          });
          $( "#modal-suppress-change-to-sha1" ).bind( "click", function( event ) {
            suppressSwitchTo('sha1')
          });
          $( "#scanInformationToggle" ).bind( "click", function( event ) {
            return toggleDisplay(event.target, '.scaninfo', 'show all', 'show less');
          });
          $( "#vulnerabilityDisplayToggle" ).bind( "click", function( event ) {
            const dependenciesHeader = $('#header-dependencies');
            const dependenciesHeaderAllText = 'Dependencies (all)';
            if (dependenciesHeader.text() == dependenciesHeaderAllText) {
                dependenciesHeader.text('Dependencies (vulnerable)');
            } else {
                dependenciesHeader.text(dependenciesHeaderAllText);
            }
            return toggleDisplay(event.target, '.notvulnerable', 'Showing Vulnerable Dependencies (click to show all)', 'Showing All Dependencies (click to show less)');
          });
          $( ".versionToggle" ).bind( "click", function( event ) {
            var lnk = event.target;
            return toggleDisplay(this,lnk.getAttribute('data-toggle'), 'show all', 'show less');
          });          

          $( ".copybutton" ).bind( "click", function( event ) {
            var btn = event.target;
            copyText(btn.getAttribute('data-display-name'),
                     btn.getAttribute('data-sha1'),
                     btn.getAttribute('data-pkgurl'),
                     btn.getAttribute('data-type-to-suppress'),
                     btn.getAttribute('data-id-to-suppress'));
          });
        });


        </script>
        <style type="text/css">
            #modal-background {
                display: none;
                position: fixed;
                top: 0;
                left: 0;
                width: 100%;
                height: 100%;
                background-color: white;
                opacity: .50;
                -webkit-opacity: .5;
                -moz-opacity: .5;
                filter: alpha(opacity=50);
                z-index: 1000;
            }

            #modal-content {
                background-color: white;
                border-radius: 10px;
                -webkit-border-radius: 10px;
                -moz-border-radius: 10px;
                box-shadow: 0 0 20px 0 #222;
                -webkit-box-shadow: 0 0 20px 0 #222;
                -moz-box-shadow: 0 0 20px 0 #222;
                display: none;
                height: 240px;
                left: 50%;
                margin: -120px 0 0 -160px;
                padding: 10px;
                position: fixed;
                top: 50%;
                z-index: 1000;
            }
            #modal-add-header {
                display: none;
            }
            #modal-add-header.active {
                display: block;
            }
            #modal-background.active, #modal-content.active {
                display: block;
            }
            #modal-text {
                border: 0;
                overflow: hidden
            }
            #modal-text:focus {
                outline: none;
            }
            .suppresstype {
                display: none;
            }
            .suppresstype.active {
                display: block;
            }  
            .suppressedLabel {
                cursor: default;
                padding:1px;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .copybutton {
                padding:1px;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .copybutton:hover {
                padding:1px;
                background-color: #dddddd;
                border: 1px solid #444444;
                color:#444444;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button {
                padding:1px;
                float:left;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button:hover {
                padding:1px;
                float:left;
                background-color: #dddddd;
                border: 1px solid #333333;
                color:#333333;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button-right {
                padding:1px;
                float:right;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button-right:hover {
                padding:1px;
                float:right;
                background-color: #dddddd;
                border: 1px solid #333333;
                color:#333333;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .rounded-corners {
                -moz-border-radius: 20px;
                -webkit-border-radius: 20px;
                -khtml-border-radius: 20px;
                -o-border-radius: 20px;
                border-radius: 20px;
            }
            .hidden {
                display: none;
            }
            .expandable {
                cursor: pointer;
                background-image: url();
                background-repeat: no-repeat;
                background-position: 98% 50%;
            }
            .collapsed {
                cursor: pointer;
                background-image: url();
                background-repeat: no-repeat;
                background-position: 98% 50%;
            }
            .expandablesubsection {
                -moz-border-radius-bottomleft:15px; /* bottom left corner */
                -webkit-border-bottom-left-radius:15px; /* bottom left corner */
                border-bottom-left-radius: 15px;
                border-bottom: 1px solid #cccccc;
            }
            .collaspablesubsection {
                -moz-border-radius-bottomleft:0px; /* bottom left corner */
                -webkit-border-bottom-left-radius:0px; /* bottom left corner */
                border-bottom-left-radius: 0px;
                border-bottom: 0px solid #ffffff;
            }
            .standardsubsection {
                -moz-border-radius-bottomleft:0px; /* bottom left corner */
                -webkit-border-bottom-left-radius:0px; /* bottom left corner */
                border-bottom-left-radius: 0px;
                border-bottom: 0px solid #ffffff;
            }
            .content {
                margin-top:0px;
                margin-left:20px;
                margin-right:20px;
                margin-bottom:20px;
                background: #ffffff;
                padding: 20px;
            }

            .sectionheader {
                background-color: #cccccc;
                margin-top: 20px;
                margin-right: 20px;
                margin-left: 20px;
                margin-bottom: 0px;
                padding-top: 10px;
                padding-bottom: 10px;
                padding-left:20px;
                padding-right:20px;
                border-top: 1px solid #ccc;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;
                border-bottom: 0px;

                /*
                -moz-border-radius: 15px;
                -webkit-border-radius: 15px;
                -o-border-radius: 15px;
                border-radius: 15px;
                */

                /* firefox's individual border radius properties */
                -moz-border-radius-topleft:15px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomleft:0px; /* bottom left corner */
                -moz-border-radius-bottomright:0px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:15px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-left-radius:0px; /* bottom left corner */
                -webkit-border-bottom-right-radius:0px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 15px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 0px;
                border-bottom-left-radius: 0px;
            }
            .sectioncontent {
                margin-top:0px;
                margin-left:20px;
                margin-right:20px;
                margin-bottom:10px;
                background: #ffffff;

                padding-top: 10px;
                padding-bottom: 20px;
                padding-left:20px;
                padding-right:20px;

                border-top: 0px;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;
                border-bottom: 1px solid #ccc;

                -moz-border-radius-topleft:0px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomright:15px; /* bottom right corner */
                -moz-border-radius-bottomleft:15px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:0px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-right-radius:15px; /* bottom right corner */
                -webkit-border-bottom-left-radius:15px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 0px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 15px;
                border-bottom-left-radius: 15px;
            }

            .subsectionheader {
                background-color: #cccccc;
                margin-top: 20px;
                margin-right: 20px;
                margin-left: 0px;
                margin-bottom: 0px;
                padding-top: 10px;
                padding-bottom: 10px;
                padding-left:20px;
                padding-right:20px;
                border-top: 1px solid #ccc;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;

                /* firefox's individual border radius properties */
                -moz-border-radius-topleft:15px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomright:0px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:15px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-right-radius:0px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 15px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 0px;
            }
            .subsectioncontent {
                margin-top:0px;
                margin-left:0px;
                margin-right:20px;
                margin-bottom:10px;
                background: #ffffff;
                padding-top: 10px;
                padding-left: 20px;
                padding-right: 20px;
                padding-bottom: 20px;
                border-top: 0px;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;
                border-bottom: 1px solid #ccc;

                -moz-border-radius-topleft:0px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomleft:15px; /* bottom left corner */
                -moz-border-radius-bottomright:15px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:0px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-left-radius:15px; /* bottom left corner */
                -webkit-border-bottom-right-radius:15px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 0px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 15px;
                border-bottom-left-radius: 15px;

            }
            .white {
                background-color: #ffffff;
            }
            .red {
                background-color: #DF0101;
            }
            .redtext {
                color: #DF0101;
            }
            .left {
                text-align: left;
            }
            .indent {
                margin-left:20px;
            }
            td{
                vertical-align:text-top;
                padding:6px;
                margin:0px;
            }
            th {
                text-align:left;
                vertical-align:text-top;
                padding:6px;
                margin:0px;
                border-bottom:1px;
                border-color: black;
            }
            table {
                border: 0px;
            }
            table.lined tr:nth-child(even) {
                background-color: #f3f3f3;
            }
            .fullwidth {
                width:100%;
            }
            body {
                font: 13px "Droid Sans",Arial,"Helvetica Neue","Lucida Grande",sans-serif
            }
            ul {
                margin-top:3px;
                margin-bottom:3px;
            }
            .vulnerable {
                color: #000;
            }
            .notvulnerable {
                display:none;
            }
            .hidden {
                display:none;
            }
            .infolink {
                text-decoration:none;
                color: blue;
                float:right;
            }
            .infolink:hover {
                text-decoration:none;
                color: blue;
                float:right;
            }
            .disclaimer {
                color: #888888;
                font: 9px "Droid Sans",Arial,"Helvetica Neue","Lucida Grande",sans-serif
            }
            .sortable {
                cursor:pointer;
            }
            .sortable:hover {
                text-decoration:underline;
            }
            pre {
                white-space: pre-wrap;
                font: 13px "Droid Sans",Arial,"Helvetica Neue","Lucida Grande",sans-serif
            }
            .underline {
                text-decoration: underline;
            }
            .tooltip {
              position: relative;
              display: inline-block;
              border-bottom: 1px dotted black;
            }

            .tooltip .tooltiptext {
              visibility: hidden;
              width: 220px;
              background-color: #cccccc;
              text-align: center;
              border-radius: 6px;
              padding: 5px 0;

              /* Position the tooltip */
              position: absolute;
              z-index: 1;
            }

            .tooltip:hover .tooltiptext {
              visibility: visible;
            }
        </style>
    </head>
    <body>
        <div id="modal-background"></div>
        <div id="modal-content">
            <div>Press CTR-C to copy XML&nbsp;<a href="https://jeremylong.github.io/DependencyCheck/general/suppression.html" class="infolink" target="_blank" title="Help with suppressing false positives">[help]</a></div>
                <button id="modal-suppress-change-to-packageUrl" class="modal-button suppresstype" title="Supress by Maven Group Artifact Version">Suppress By GAV</button>
                <button id="modal-suppress-change-to-sha1" class="modal-button suppresstype" title="Supress by SHA1 hash">Suppress By SHA1</button><br/>
                <input type="hidden" id="suppress-name"/>
                <input type="hidden" id="suppress-type"/><input type="hidden" id="suppress-val"/>
                <input type="hidden" id="suppress-sha1"/><input type="hidden" id="suppress-packageUrl"/>
                <textarea id="modal-text" cols="50" rows="10" readonly></textarea><br/>
                <button id="modal-add-header" title="Add the parent XML nodes to create the complete XML file that can be used to suppress this finding" class="modal-button">Complete XML Doc</button><button id="modal-close" class="modal-button-right">Close</button>
        </div>
        <div class="wrapper">
            <svg xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" version="1.1" x="0" y="0" width="459.5" height="150" viewBox="0 0 459.5 150" enable-background="new 0 0 595.28 841.89" xml:space="preserve"><g transform="translate(-79.10464,-172.551)"><path d="m246.1 274.3c-2.6 0-5.3-0.2-6.6-0.5-0.6-0.1-0.9-0.4-0.9-1.1l0-20.4c0-0.7 0.3-1 0.9-1.1 1.3-0.2 4-0.5 6.6-0.5 6.1 0 9.8 3.2 9.8 9.7l0 4c0 6.5-3.7 9.7-9.8 9.7zm4.6-13.7c0-4.2-1.8-5.3-4.6-5.3-0.8 0-1.8 0-2.2 0.1l0 14.4c0.4 0 1.4 0.1 2.2 0.1 2.8 0 4.6-1.1 4.6-5.3l0-4zM273 273.9 273 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM285.2 266c-0.7 0-1.7-0.1-2.5-0.1l0 7.5c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.2-0.6-0.6l0-20.7c0-1 0.4-1.3 1.4-1.5 1.6-0.2 4-0.4 6.3-0.4 4.7 0 9.2 1.6 9.2 7.4l0 0.3c0 5.8-4.6 7.5-9.2 7.5zm3.9-7.7c0-2.2-1.4-3-3.9-3-0.4 0-2.1 0.1-2.5 0.1l0 6.3c0.3 0 2.2 0.1 2.5 0.1 2.7 0 3.9-1 3.9-3.1l0-0.3zM311 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM332.4 274l-3 0c-0.6 0-1.1-0.1-1.6-1l-7-12.1c-0.1-0.2-0.2-0.2-0.3-0.2-0.1 0-0.2 0.1-0.2 0.2l0 12.5c0 0.3-0.3 0.6-0.6 0.6l-3.6 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.1c0-0.6 0.5-1.2 1.2-1.2l3.1 0c0.6 0 0.9 0.3 1.3 1l7.3 12.7c0.1 0.2 0.2 0.2 0.2 0.2 0.1 0 0.2-0.1 0.2-0.3l0-13c0-0.3 0.3-0.6 0.6-0.6l3.6 0c0.3 0 0.6 0.2 0.6 0.6l0 21.1c0 0.6-0.6 1.2-1.2 1.2zM345.4 274.3c-2.6 0-5.3-0.2-6.6-0.5-0.6-0.1-0.9-0.4-0.9-1.1l0-20.4c0-0.7 0.3-1 0.9-1.1 1.3-0.2 4-0.5 6.6-0.5 6.1 0 9.8 3.2 9.8 9.7l0 4c0 6.5-3.7 9.7-9.8 9.7zm4.6-13.7c0-4.2-1.8-5.3-4.6-5.3-0.8 0-1.8 0-2.2 0.1l0 14.4c0.4 0 1.4 0.1 2.2 0.1 2.8 0 4.6-1.1 4.6-5.3l0-4zM372.3 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM393.7 274l-3 0c-0.6 0-1.1-0.1-1.6-1l-7-12.1c-0.1-0.2-0.2-0.2-0.3-0.2-0.1 0-0.2 0.1-0.2 0.2l0 12.5c0 0.3-0.3 0.6-0.6 0.6l-3.6 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.1c0-0.6 0.5-1.2 1.2-1.2l3.1 0c0.6 0 0.9 0.3 1.3 1l7.3 12.7c0.1 0.2 0.2 0.2 0.2 0.2 0.1 0 0.2-0.1 0.2-0.3l0-13c0-0.3 0.3-0.6 0.6-0.6l3.6 0c0.3 0 0.6 0.2 0.6 0.6l0 21.1c0 0.6-0.6 1.2-1.2 1.2zM412.4 273.8c-0.6 0.2-2.4 0.5-4.6 0.5-4.7 0-9.1-2.5-9.1-9.8l0-3.9c0-7.3 4.4-9.8 9.1-9.8 2.2 0 3.9 0.3 4.6 0.5 0.4 0.1 0.7 0.2 0.7 0.7l0 3c0 0.4-0.2 0.6-0.6 0.6 0 0-0.1 0-0.1 0-1.2-0.1-2.9-0.2-4.6-0.2-2.1 0-3.8 1.1-3.8 5.2l0 3.9c0 4.1 1.7 5.2 3.8 5.2 1.7 0 3.4-0.2 4.6-0.2 0 0 0.1 0 0.1 0 0.4 0 0.6 0.2 0.6 0.6l0 3c0 0.4-0.2 0.6-0.7 0.7zM433.6 251.8l-4.7 10.7c-0.6 1.4-1.3 2.1-2 2.4l0 8.6c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-8.6c-0.7-0.3-1.4-1-2-2.4l-4.7-10.7c0-0.1 0-0.2 0-0.2 0-0.2 0.2-0.5 0.5-0.5l4.4 0c0.3 0 0.5 0.2 0.6 0.5l3.3 8.7c0.2 0.4 0.2 0.5 0.5 0.5 0.2 0 0.3-0.1 0.5-0.5l3.3-8.7c0.1-0.3 0.3-0.5 0.6-0.5l4.4 0c0.3 0 0.5 0.2 0.5 0.5 0 0.1 0 0.2 0 0.2zM442 266.5l-6 0c-0.3 0-0.6-0.2-0.6-0.6l0-2.5c0-0.3 0.3-0.6 0.6-0.6l6 0c0.3 0 0.6 0.2 0.6 0.6l0 2.5c0 0.3-0.3 0.6-0.6 0.6z" style="fill:#231f20;opacity:0.5"/><path d="m459 273.8c-0.6 0.2-2.4 0.5-4.6 0.5-4.7 0-9.1-2.5-9.1-9.8l0-3.9c0-7.3 4.4-9.8 9.1-9.8 2.2 0 3.9 0.3 4.6 0.5 0.4 0.1 0.7 0.2 0.7 0.7l0 3c0 0.4-0.2 0.6-0.6 0.6 0 0-0.1 0-0.1 0-1.2-0.1-2.9-0.2-4.6-0.2-2.1 0-3.8 1.1-3.8 5.2l0 3.9c0 4.1 1.7 5.2 3.8 5.2 1.7 0 3.4-0.2 4.6-0.2 0 0 0.1 0 0.1 0 0.4 0 0.6 0.2 0.6 0.6l0 3c0 0.4-0.2 0.6-0.7 0.7zM480.6 274l-4 0M480.6 274l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-8.9-7.6 0 0 8.9c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.7c0-0.3 0.3-0.6 0.6-0.6l4 0c0.3 0 0.6 0.2 0.6 0.6l0 8.2 7.6 0 0-8.2c0-0.3 0.3-0.6 0.6-0.6l4 0c0.3 0 0.6 0.2 0.6 0.6l0 21.7c0 0.3-0.3 0.6-0.6 0.6zM498.9 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM516.6 273.8c-0.6 0.2-2.4 0.5-4.6 0.5-4.7 0-9.1-2.5-9.1-9.8l0-3.9c0-7.3 4.4-9.8 9.1-9.8 2.2 0 3.9 0.3 4.6 0.5 0.4 0.1 0.7 0.2 0.7 0.7l0 3c0 0.4-0.2 0.6-0.6 0.6 0 0-0.1 0-0.1 0-1.2-0.1-2.9-0.2-4.6-0.2-2.1 0-3.8 1.1-3.8 5.2l0 3.9c0 4.1 1.7 5.2 3.8 5.2 1.7 0 3.4-0.2 4.6-0.2 0 0 0.1 0 0.1 0 0.4 0 0.6 0.2 0.6 0.6l0 3c0 0.4-0.2 0.6-0.7 0.7zM538.5 251.9l-7.3 10.4 7.4 11.1c0.1 0.1 0.1 0.2 0.1 0.3 0 0.2-0.2 0.3-0.4 0.3l-5.3 0c-0.4 0-0.5-0.2-0.7-0.4l-6.3-10.2 0 10c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.7c0-0.3 0.3-0.6 0.6-0.6l4 0c0.3 0 0.6 0.2 0.6 0.6l0 9.8 6.8-10c0.2-0.2 0.3-0.4 0.7-0.4l4.7 0c0.3 0 0.5 0.2 0.5 0.3 0 0.1-0.1 0.3-0.2 0.4z" fill="#f78d0a"/><path d="m151.6 187.1 0-14.6c-36.7 5.4-65.9 33.9-72.2 70.4l14.7 0C100 214.5 122.8 192.2 151.6 187.1Z" style="fill:#231f20;opacity:0.5"/><path d="m151.6 200.4 0-13.3c-28.7 5.1-51.6 27.3-57.5 55.8l13.3 0c5.5-21.2 22.6-37.8 44.2-42.5z" style="fill:#231f20;opacity:0.3"/><path d="m193 237-10.9 10.9c0.3 0.6 0.7 1.2 1 1.9 1 2.5 1.5 5.3 1.5 8.2l0 0.2c0 3-0.5 5.8-1.5 8.2-1 2.5-2.4 4.6-4.2 6.4-1.8 1.8-3.9 3.2-6.4 4.2-2.5 1-5.3 1.5-8.3 1.5l-11.5 0 0-1-14.4 14.4 25.9 0c5.3 0 10.1-0.9 14.6-2.6 4.4-1.7 8.2-4.1 11.4-7.2 3.2-3 5.7-6.6 7.4-10.7 1.7-4.1 2.6-8.6 2.6-13.3l0-0.2c0-4.8-0.9-9.2-2.6-13.3-1.2-2.7-2.7-5.2-4.5-7.5z" fill="#f78d0a"/><path d="m152.7 237.6 11.5 0c3 0 5.8 0.5 8.3 1.5 2.5 1 4.7 2.4 6.4 4.2 1.3 1.3 2.3 2.9 3.2 4.6l10.9-10.9c-0.9-1.1-1.8-2.2-2.9-3.2-3.2-3-7-5.4-11.4-7.1-4.4-1.7-9.3-2.6-14.6-2.6l-26.4 0 0 67.7 0.5 0 14.4-14.4 0-39.8z" style="fill:#f78d0a;opacity:0.7"/><path d="m179.5 187.7 0 13.4c11.9 3.2 22.3 10.1 29.9 19.4l9.2-9.3c-10-11.7-23.6-20.1-39.2-23.5z" style="fill:#231f20;opacity:0.3"/><path d="m179.5 173 0 14.7c15.5 3.4 29.2 11.8 39.2 23.5l10.2-10.2c-12.6-14.3-29.8-24.5-49.4-28zM93.7 270.9l-14.6 0M93.7 270.9l-14.6 0c3.1 20.5 13.6 38.6 28.5 51.7l10.2-10.2C105.5 301.9 96.8 287.4 93.7 270.9Z" fill="#f78d0a"/><path d="m107 270.9-13.3 0c3.1 16.5 11.8 31 24.1 41.5l9.2-9.3c-9.9-8.1-17.1-19.3-20-32.2z" style="fill:#231f20;opacity:0.3"/></g></svg>
<p class="disclaimer">Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.</p>
<h3><a href="https://jeremylong.github.io/DependencyCheck/general/thereport.html" target="_blank">How&nbsp;to&nbsp;read&nbsp;the&nbsp;report</a> | 
<a href="https://jeremylong.github.io/DependencyCheck/general/suppression.html" target="_blank">Suppressing false positives</a> |
Getting Help: <a href="https://github.com/jeremylong/DependencyCheck/issues" target="_blank">github issues</a><br/><br/>
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="10pt" height="10pt" viewBox="0 0 10 10" version="1.1"><g id="surface1"><path style=" stroke:none;fill-rule:nonzero;fill:rgb(0%,0%,0%);fill-opacity:1;" d="M 8.125 4.167969 C 7.089844 4.167969 6.25 5.007812 6.25 6.042969 C 6.25 7.078125 7.089844 7.917969 8.125 7.917969 C 9.160156 7.917969 10 7.078125 10 6.042969 C 10 5.007812 9.160156 4.167969 8.125 4.167969 Z M 9.167969 6.25 L 8.332031 6.25 L 8.332031 7.082031 L 7.917969 7.082031 L 7.917969 6.25 L 7.082031 6.25 L 7.082031 5.832031 L 7.917969 5.832031 L 7.917969 5 L 8.332031 5 L 8.332031 5.832031 L 9.167969 5.832031 Z M 6.445312 8.164062 C 5.984375 8.617188 5.5 9.089844 5 9.582031 C 2.320312 6.925781 0 4.9375 0 2.996094 C 0 1.328125 1.289062 0.417969 2.617188 0.417969 C 3.53125 0.417969 4.464844 0.851562 5 1.769531 C 5.53125 0.855469 6.46875 0.421875 7.386719 0.421875 C 8.710938 0.421875 10 1.324219 10 2.996094 C 10 3.308594 9.933594 3.621094 9.824219 3.933594 C 9.605469 3.757812 9.355469 3.617188 9.085938 3.511719 C 9.136719 3.335938 9.167969 3.164062 9.167969 2.996094 C 9.167969 1.800781 8.242188 1.253906 7.386719 1.253906 C 6.027344 1.253906 5.3125 2.703125 5 3.347656 C 4.6875 2.703125 3.964844 1.25 2.617188 1.25 C 1.652344 1.25 0.832031 1.882812 0.832031 2.996094 C 0.832031 4.429688 2.808594 6.265625 5 8.414062 L 5.878906 7.554688 C 6.035156 7.785156 6.226562 7.988281 6.445312 8.164062 Z M 6.445312 8.164062 "/></g></svg>&nbsp;<a aria-label="Sponsor @jeremylong" target="_blank" href="https://github.com/sponsors/jeremylong">Sponsor</a></h3>
<h2 class="">Project:&nbsp;VulnApp</h2><h4>ssdlc.online:VulnApp:0.0.1-SNAPSHOT</h4><div class="">Scan Information (<a href="#" title="Click to toggle display" id="scanInformationToggle">show all</a>):<br/><ul class="indent"><li><i>dependency-check version</i>: 9.1.0</li><li><i>Report Generated On</i>: Thu, 9 May 2024 13:54:51 +0700</li><li><i>Dependencies Scanned</i>:&nbsp;80 (52 unique)</li><li><i>Vulnerable Dependencies</i>:&nbsp;<span id="vulnerableCount">10</span></li><li><i>Vulnerabilities Found</i>:&nbsp;17</li><li><i>Vulnerabilities Suppressed</i>:&nbsp;0 </li><li class="scaninfo">...</li><li class="scaninfo hidden"><i>NVD API Last Checked</i>: 2024-05-09T12:59:59+07</li><li class="scaninfo hidden"><i>NVD API Last Modified</i>: 2024-05-09T01:15:06Z</li></ul><br/><h2>Summary</h2>Display:&nbsp;<a href="#" title="Click to toggle display" id="vulnerabilityDisplayToggle">Showing Vulnerable Dependencies (click to show all)</a><br/><br/><table id="summaryTable" class="lined"><thead><tr style="text-align:left"><th class="sortable" data-sort="string" title="The name of the dependency">Dependency</th><th class="sortable" data-sort="string" title="The Common Platform Enumeration">Vulnerability&nbsp;IDs</th><th class="sortable" data-sort="string" title="The Build Coordinates">Package</th><th class="sortable" data-sort="float"  title="The highest CVE Severity">Highest&nbsp;Severity</th><th class="sortable" data-sort="int"    title="The number of Common Vulnerability and Exposure (CVE) entries">CVE&nbsp;Count</th><th class="sortable" data-sort="string" title="The confidence rating dependency-check has for the identified CPE">Confidence</th><th class="sortable" data-sort="int"    title="The count of evidence collected to identify the CPE">Evidence&nbsp;Count</th></tr></thead><tr class="notvulnerable"><td data-sort-value="HDRHISTOGRAM-2.1.12.JAR"><a href="#l1_6eb7552156e0d517ae80cc2247be1427c8d90452">HdrHistogram-2.1.12.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.hdrhistogram/HdrHistogram@2.1.12"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hdrhistogram/HdrHistogram@2.1.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.hdrhistogram/HdrHistogram@2.1.12</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>27</td></tr><tr class="notvulnerable"><td data-sort-value="HIKARICP-5.0.1.JAR"><a href="#l2_a74c7f0a37046846e88d54f7cb6ea6d565c65f9c">HikariCP-5.0.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.zaxxer/HikariCP@5.0.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.zaxxer/HikariCP@5.0.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.zaxxer/HikariCP@5.0.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>38</td></tr><tr class="notvulnerable"><td data-sort-value="LATENCYUTILS-2.0.3.JAR"><a href="#l3_769c0b82cb2421c8256300e907298a9410a2a3d3">LatencyUtils-2.0.3.jar</a></td><td data-sort-value="cpe:2.3:a:utils_project:utils:2.0.3:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Autils_project&amp;cpe_product=cpe%3A%2F%3Autils_project%3Autils&amp;cpe_version=cpe%3A%2F%3Autils_project%3Autils%3A2.0.3" target="_blank">cpe:2.3:a:utils_project:utils:2.0.3:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.latencyutils/LatencyUtils@2.0.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.latencyutils/LatencyUtils@2.0.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.latencyutils/LatencyUtils@2.0.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>20</td></tr><tr class="notvulnerable"><td data-sort-value="ANGUS-ACTIVATION-2.0.1.JAR"><a href="#l4_eaafaf4eb71b400e4136fc3a286f50e34a68ecb7">angus-activation-2.0.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.eclipse.angus/angus-activation@2.0.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.eclipse.angus/angus-activation@2.0.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.eclipse.angus/angus-activation@2.0.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>35</td></tr><tr class="notvulnerable"><td data-sort-value="ANTLR4-RUNTIME-4.10.1.JAR"><a href="#l5_10839f875928f59c622d675091d51a43ea0dc5f7">antlr4-runtime-4.10.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.antlr/antlr4-runtime@4.10.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.antlr/antlr4-runtime@4.10.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.antlr/antlr4-runtime@4.10.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>33</td></tr><tr class="notvulnerable"><td data-sort-value="ASPECTJWEAVER-1.9.20.JAR"><a href="#l6_da562407e43f74c0f8f5f5df4065d85ec1736d01">aspectjweaver-1.9.20.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.aspectj/aspectjweaver@1.9.20"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.aspectj/aspectjweaver@1.9.20?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.aspectj/aspectjweaver@1.9.20</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>49</td></tr><tr class="notvulnerable"><td data-sort-value="ATTOPARSER-2.0.7.RELEASE.JAR"><a href="#l7_e5d0e988d9124139d645bb5872b24dfa23e283cc">attoparser-2.0.7.RELEASE.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.attoparser/attoparser@2.0.7.RELEASE"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.attoparser/attoparser@2.0.7.RELEASE?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.attoparser/attoparser@2.0.7.RELEASE</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>42</td></tr><tr class="notvulnerable"><td data-sort-value="BYTE-BUDDY-1.12.23.JAR"><a href="#l8_d470526e8c4566c04e9ae5d3ccb62d1a7aa58986">byte-buddy-1.12.23.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/net.bytebuddy/byte-buddy@1.12.23"><a href="https://ossindex.sonatype.org/component/pkg:maven/net.bytebuddy/byte-buddy@1.12.23?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/net.bytebuddy/byte-buddy@1.12.23</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>29</td></tr><tr class="notvulnerable"><td data-sort-value="CLASSMATE-1.5.1.JAR"><a href="#l9_3fe0bed568c62df5e89f4f174c101eab25345b6c">classmate-1.5.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.fasterxml/classmate@1.5.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml/classmate@1.5.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml/classmate@1.5.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>54</td></tr><tr class="notvulnerable"><td data-sort-value="HIBERNATE-COMMONS-ANNOTATIONS-6.0.6.FINAL.JAR"><a href="#l10_77a5f94b56d49508e0ee334751db5b78e5ccd50c">hibernate-commons-annotations-6.0.6.Final.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.hibernate.common/hibernate-commons-annotations@6.0.6.Final"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hibernate.common/hibernate-commons-annotations@6.0.6.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.hibernate.common/hibernate-commons-annotations@6.0.6.Final</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>38</td></tr><tr class="notvulnerable"><td data-sort-value="HIBERNATE-CORE-6.1.7.FINAL.JAR"><a href="#l11_343f47b34c96fe9c44bf9b219a7b3c5d6d2fc90e">hibernate-core-6.1.7.Final.jar</a></td><td data-sort-value="cpe:2.3:a:hibernate:hibernate_orm:6.1.7:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Ahibernate&amp;cpe_product=cpe%3A%2F%3Ahibernate%3Ahibernate_orm&amp;cpe_version=cpe%3A%2F%3Ahibernate%3Ahibernate_orm%3A6.1.7" target="_blank">cpe:2.3:a:hibernate:hibernate_orm:6.1.7:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.hibernate.orm/hibernate-core@6.1.7.Final"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hibernate.orm/hibernate-core@6.1.7.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.hibernate.orm/hibernate-core@6.1.7.Final</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>49</td></tr><tr class="notvulnerable"><td data-sort-value="HIBERNATE-VALIDATOR-8.0.1.FINAL.JAR"><a href="#l12_e49e116b3d3928060599b176b3538bb848718e95">hibernate-validator-8.0.1.Final.jar</a></td><td data-sort-value="cpe:2.3:a:redhat:hibernate_validator:8.0.1:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aredhat&amp;cpe_product=cpe%3A%2F%3Aredhat%3Ahibernate_validator&amp;cpe_version=cpe%3A%2F%3Aredhat%3Ahibernate_validator%3A8.0.1" target="_blank">cpe:2.3:a:redhat:hibernate_validator:8.0.1:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.hibernate.validator/hibernate-validator@8.0.1.Final"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hibernate.validator/hibernate-validator@8.0.1.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.hibernate.validator/hibernate-validator@8.0.1.Final</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>34</td></tr><tr class="notvulnerable"><td data-sort-value="ISTACK-COMMONS-RUNTIME-4.1.2.JAR"><a href="#l13_18ec117c85f3ba0ac65409136afa8e42bc74e739">istack-commons-runtime-4.1.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.sun.istack/istack-commons-runtime@4.1.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.sun.istack/istack-commons-runtime@4.1.2?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.sun.istack/istack-commons-runtime@4.1.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>29</td></tr><tr class="notvulnerable"><td data-sort-value="JACKSON-CORE-2.14.3.JAR"><a href="#l14_4fa101f81504ed6811bf1823270adb51a9b45ff3">jackson-core-2.14.3.jar</a></td><td data-sort-value="cpe:2.3:a:fasterxml:jackson-modules-java8:2.14.3:*:*:*:*:*:*:*">cpe:2.3:a:fasterxml:jackson-modules-java8:2.14.3:*:*:*:*:*:*:*</td><td data-sort-value="pkg:maven/com.fasterxml.jackson.core/jackson-core@2.14.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.14.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-core@2.14.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="3">Low</td><td>45</td></tr><tr class=" vulnerable"><td data-sort-value="JACKSON-DATABIND-2.14.3.JAR"><a href="#l15_ba0373b04bf0f03b0cd268cd2e5e8444aaaf9208">jackson-databind-2.14.3.jar</a></td><td data-sort-value="cpe:2.3:a:fasterxml:jackson-databind:2.14.3:*:*:*:*:*:*:*cpe:2.3:a:fasterxml:jackson-modules-java8:2.14.3:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Afasterxml&amp;cpe_product=cpe%3A%2F%3Afasterxml%3Ajackson-databind&amp;cpe_version=cpe%3A%2F%3Afasterxml%3Ajackson-databind%3A2.14.3" target="_blank">cpe:2.3:a:fasterxml:jackson-databind:2.14.3:*:*:*:*:*:*:*</a><br/>cpe:2.3:a:fasterxml:jackson-modules-java8:2.14.3:*:*:*:*:*:*:*</td><td data-sort-value="pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.3</a></td><td data-sort-value="47.0">MEDIUM</td><td>1</td><td data-sort-value="0">Highest</td><td>41</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.ACTIVATION-API-2.1.2.JAR"><a href="#l16_640c0d5aff45dbff1e1a1bc09673ff3a02b1ba12">jakarta.activation-api-2.1.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/jakarta.activation/jakarta.activation-api@2.1.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.activation/jakarta.activation-api@2.1.2?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.activation/jakarta.activation-api@2.1.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>45</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.ANNOTATION-API-2.1.1.JAR"><a href="#l17_48b9bda22b091b1f48b13af03fe36db3be6e1ae3">jakarta.annotation-api-2.1.1.jar</a></td><td data-sort-value="cpe:2.3:a:oracle:projects:2.1.1:*:*:*:*:*:*:*">cpe:2.3:a:oracle:projects:2.1.1:*:*:*:*:*:*:*</td><td data-sort-value="pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="3">Low</td><td>42</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.INJECT-API-2.0.0.JAR"><a href="#l18_46fc8560b6fd17b78396d88f39c1a730457671f0">jakarta.inject-api-2.0.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/jakarta.inject/jakarta.inject-api@2.0.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.inject/jakarta.inject-api@2.0.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.inject/jakarta.inject-api@2.0.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>56</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.PERSISTENCE-API-3.1.0.JAR"><a href="#l19_66901fa1c373c6aff65c13791cc11da72060a8d6">jakarta.persistence-api-3.1.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/jakarta.persistence/jakarta.persistence-api@3.1.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.persistence/jakarta.persistence-api@3.1.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.persistence/jakarta.persistence-api@3.1.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>40</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.TRANSACTION-API-2.0.1.JAR"><a href="#l20_51a520e3fae406abb84e2e1148e6746ce3f80a1a">jakarta.transaction-api-2.0.1.jar</a></td><td data-sort-value="cpe:2.3:a:oracle:projects:2.0.1:*:*:*:*:*:*:*">cpe:2.3:a:oracle:projects:2.0.1:*:*:*:*:*:*:*</td><td data-sort-value="pkg:maven/jakarta.transaction/jakarta.transaction-api@2.0.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.transaction/jakarta.transaction-api@2.0.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.transaction/jakarta.transaction-api@2.0.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="3">Low</td><td>50</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.VALIDATION-API-3.0.2.JAR"><a href="#l21_92b6631659ba35ca09e44874d3eb936edfeee532">jakarta.validation-api-3.0.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/jakarta.validation/jakarta.validation-api@3.0.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.validation/jakarta.validation-api@3.0.2?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.validation/jakarta.validation-api@3.0.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>56</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.XML.BIND-API-4.0.1.JAR"><a href="#l22_ca2330866cbc624c7e5ce982e121db1125d23e15">jakarta.xml.bind-api-4.0.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>31</td></tr><tr class="notvulnerable"><td data-sort-value="JANDEX-2.4.2.FINAL.JAR"><a href="#l23_1e1c385990b258ff1a24c801e84aebbacf70eb39">jandex-2.4.2.Final.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.jboss/jandex@2.4.2.Final"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.jboss/jandex@2.4.2.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.jboss/jandex@2.4.2.Final</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>42</td></tr><tr class="notvulnerable"><td data-sort-value="JAXB-CORE-4.0.3.JAR"><a href="#l24_e9093b4a82069a1d78ee9a3233ca387bca88861f">jaxb-core-4.0.3.jar</a></td><td data-sort-value="cpe:2.3:a:eclipse:glassfish:4.0.3:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aeclipse&amp;cpe_product=cpe%3A%2F%3Aeclipse%3Aglassfish&amp;cpe_version=cpe%3A%2F%3Aeclipse%3Aglassfish%3A4.0.3" target="_blank">cpe:2.3:a:eclipse:glassfish:4.0.3:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.glassfish.jaxb/jaxb-core@4.0.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.glassfish.jaxb/jaxb-core@4.0.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.glassfish.jaxb/jaxb-core@4.0.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>40</td></tr><tr class="notvulnerable"><td data-sort-value="JBOSS-LOGGING-3.5.3.FINAL.JAR"><a href="#l25_c88fc1d8a96d4c3491f55d4317458ccad53ca663">jboss-logging-3.5.3.Final.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.jboss.logging/jboss-logging@3.5.3.Final"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.jboss.logging/jboss-logging@3.5.3.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.jboss.logging/jboss-logging@3.5.3.Final</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>41</td></tr><tr class="notvulnerable"><td data-sort-value="JUL-TO-SLF4J-2.0.9.JAR"><a href="#l26_09ef7c70b248185845f013f49a33ff9ca65b7975">jul-to-slf4j-2.0.9.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.slf4j/jul-to-slf4j@2.0.9"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/jul-to-slf4j@2.0.9?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.slf4j/jul-to-slf4j@2.0.9</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>31</td></tr><tr class="notvulnerable"><td data-sort-value="LOG4J-API-2.19.0.JAR"><a href="#l27_ea1b37f38c327596b216542bc636cfdc0b8036fa">log4j-api-2.19.0.jar</a></td><td data-sort-value="cpe:2.3:a:apache:log4j:2.19.0:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Alog4j&amp;cpe_version=cpe%3A%2F%3Aapache%3Alog4j%3A2.19.0" target="_blank">cpe:2.3:a:apache:log4j:2.19.0:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.logging.log4j/log4j-api@2.19.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.logging.log4j/log4j-api@2.19.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.apache.logging.log4j/log4j-api@2.19.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>46</td></tr><tr class="notvulnerable"><td data-sort-value="LOG4J-TO-SLF4J-2.19.0.JAR"><a href="#l28_30f4812e43172ecca5041da2cb6b965cc4777c19">log4j-to-slf4j-2.19.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.19.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.19.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.19.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>42</td></tr><tr class=" vulnerable"><td data-sort-value="LOGBACK-CORE-1.4.11.JAR"><a href="#l29_2f9f280219a9922a74200eaf7138c4c17fb87c0f">logback-core-1.4.11.jar</a></td><td data-sort-value="cpe:2.3:a:qos:logback:1.4.11:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aqos&amp;cpe_product=cpe%3A%2F%3Aqos%3Alogback&amp;cpe_version=cpe%3A%2F%3Aqos%3Alogback%3A1.4.11" target="_blank">cpe:2.3:a:qos:logback:1.4.11:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/ch.qos.logback/logback-core@1.4.11"><a href="https://ossindex.sonatype.org/component/pkg:maven/ch.qos.logback/logback-core@1.4.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/ch.qos.logback/logback-core@1.4.11</a></td><td data-sort-value="75.0">HIGH</td><td>1</td><td data-sort-value="0">Highest</td><td>36</td></tr><tr class="notvulnerable"><td data-sort-value="LOMBOK-1.18.30.JAR: MAVENECJBOOTSTRAPAGENT.JAR"><a href="#l30_e67209a53266080be85e8848c01fd15af98700c7">lombok-1.18.30.jar: mavenEcjBootstrapAgent.jar</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>7</td></tr><tr class="notvulnerable"><td data-sort-value="LOMBOK-1.18.30.JAR"><a href="#l31_f195ee86e6c896ea47a1d39defbe20eb59cd149d">lombok-1.18.30.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.projectlombok/lombok@1.18.30"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.projectlombok/lombok@1.18.30?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.projectlombok/lombok@1.18.30</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>36</td></tr><tr class="notvulnerable"><td data-sort-value="MICROMETER-COMMONS-1.10.11.JAR"><a href="#l32_b8c88a741054458b78f6e30b7300fe485070bf07">micrometer-commons-1.10.11.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/io.micrometer/micrometer-commons@1.10.11"><a href="https://ossindex.sonatype.org/component/pkg:maven/io.micrometer/micrometer-commons@1.10.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/io.micrometer/micrometer-commons@1.10.11</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>61</td></tr><tr class="notvulnerable"><td data-sort-value="MICROMETER-CORE-1.10.11.JAR"><a href="#l33_adbe9b99be2e5cb4f835dd2134c5f66c69f23b3a">micrometer-core-1.10.11.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/io.micrometer/micrometer-core@1.10.11"><a href="https://ossindex.sonatype.org/component/pkg:maven/io.micrometer/micrometer-core@1.10.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/io.micrometer/micrometer-core@1.10.11</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>64</td></tr><tr class="notvulnerable"><td data-sort-value="MICROMETER-OBSERVATION-1.10.11.JAR"><a href="#l34_884b41886e44f2f109ea628330aeeaf0a21549e7">micrometer-observation-1.10.11.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/io.micrometer/micrometer-observation@1.10.11"><a href="https://ossindex.sonatype.org/component/pkg:maven/io.micrometer/micrometer-observation@1.10.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/io.micrometer/micrometer-observation@1.10.11</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>61</td></tr><tr class="notvulnerable"><td data-sort-value="MYSQL-CONNECTOR-J-8.2.0.JAR"><a href="#l35_56d34aea30915904b1c883f1cfae731dd2df6029">mysql-connector-j-8.2.0.jar</a></td><td data-sort-value="cpe:2.3:a:mysql:mysql:8.2.0:*:*:*:*:*:*:*cpe:2.3:a:oracle:mysql_connector\/j:8.2.0:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Amysql&amp;cpe_product=cpe%3A%2F%3Amysql%3Amysql&amp;cpe_version=cpe%3A%2F%3Amysql%3Amysql%3A8.2.0" target="_blank">cpe:2.3:a:mysql:mysql:8.2.0:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aoracle&amp;cpe_product=cpe%3A%2F%3Aoracle%3Amysql_connector%2Fj&amp;cpe_version=cpe%3A%2F%3Aoracle%3Amysql_connector%2Fj%3A8.2.0" target="_blank">cpe:2.3:a:oracle:mysql_connector\/j:8.2.0:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/com.mysql/mysql-connector-j@8.2.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.mysql/mysql-connector-j@8.2.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.mysql/mysql-connector-j@8.2.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>52</td></tr><tr class="notvulnerable"><td data-sort-value="SLF4J-API-2.0.9.JAR"><a href="#l36_7cf2726fdcfbc8610f9a71fb3ed639871f315340">slf4j-api-2.0.9.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.slf4j/slf4j-api@2.0.9"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/slf4j-api@2.0.9?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.slf4j/slf4j-api@2.0.9</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>29</td></tr><tr class="notvulnerable"><td data-sort-value="SNAKEYAML-2.0.JAR"><a href="#l37_3aab2116756442bf0d4cd1c089b24d34c3baa253">snakeyaml-2.0.jar</a></td><td data-sort-value="cpe:2.3:a:snakeyaml_project:snakeyaml:2.0:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Asnakeyaml_project&amp;cpe_product=cpe%3A%2F%3Asnakeyaml_project%3Asnakeyaml&amp;cpe_version=cpe%3A%2F%3Asnakeyaml_project%3Asnakeyaml%3A2.0" target="_blank">cpe:2.3:a:snakeyaml_project:snakeyaml:2.0:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.yaml/snakeyaml@2.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.yaml/snakeyaml@2.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.yaml/snakeyaml@2.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>42</td></tr><tr class=" vulnerable"><td data-sort-value="SPRING-BOOT-3.0.11.JAR"><a href="#l38_f629f726752bd9b54a60e14b78819469b300d582">spring-boot-3.0.11.jar</a></td><td data-sort-value="cpe:2.3:a:vmware:spring_boot:3.0.11:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_boot&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_boot%3A3.0.11" target="_blank">cpe:2.3:a:vmware:spring_boot:3.0.11:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.springframework.boot/spring-boot@3.0.11"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot@3.0.11</a></td><td data-sort-value="65.0">MEDIUM</td><td>1</td><td data-sort-value="0">Highest</td><td>38</td></tr><tr class=" vulnerable"><td data-sort-value="SPRING-BOOT-STARTER-THYMELEAF-3.0.11.JAR"><a href="#l39_375fba06ef262bc61f33932c664bb807d5975f9b">spring-boot-starter-thymeleaf-3.0.11.jar</a></td><td data-sort-value="cpe:2.3:a:thymeleaf:thymeleaf:3.0.11:*:*:*:*:*:*:*cpe:2.3:a:vmware:spring_boot:3.0.11:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Athymeleaf&amp;cpe_product=cpe%3A%2F%3Athymeleaf%3Athymeleaf&amp;cpe_version=cpe%3A%2F%3Athymeleaf%3Athymeleaf%3A3.0.11" target="_blank">cpe:2.3:a:thymeleaf:thymeleaf:3.0.11:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_boot&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_boot%3A3.0.11" target="_blank">cpe:2.3:a:vmware:spring_boot:3.0.11:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</a></td><td data-sort-value="75.0">HIGH</td><td>2</td><td data-sort-value="0">Highest</td><td>36</td></tr><tr class=" vulnerable"><td data-sort-value="SPRING-BOOT-STARTER-WEB-3.0.11.JAR"><a href="#l40_2dd2814553b4d0afca6303aee364efdfb35ed4ad">spring-boot-starter-web-3.0.11.jar</a></td><td data-sort-value="cpe:2.3:a:vmware:spring_boot:3.0.11:*:*:*:*:*:*:*cpe:2.3:a:web_project:web:3.0.11:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_boot&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_boot%3A3.0.11" target="_blank">cpe:2.3:a:vmware:spring_boot:3.0.11:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aweb_project&amp;cpe_product=cpe%3A%2F%3Aweb_project%3Aweb&amp;cpe_version=cpe%3A%2F%3Aweb_project%3Aweb%3A3.0.11" target="_blank">cpe:2.3:a:web_project:web:3.0.11:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11</a></td><td data-sort-value="65.0">MEDIUM</td><td>1</td><td data-sort-value="0">Highest</td><td>36</td></tr><tr class=" vulnerable"><td data-sort-value="SPRING-CORE-6.0.12.JAR"><a href="#l41_a55e70359371b03ee29dacd75c3b40d0baf3a656">spring-core-6.0.12.jar</a></td><td data-sort-value="cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.springframework/spring-core@6.0.12"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-core@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-core@6.0.12</a></td><td data-sort-value="75.0">HIGH</td><td>2</td><td data-sort-value="0">Highest</td><td>37</td></tr><tr class="notvulnerable"><td data-sort-value="SPRING-DATA-COMMONS-3.0.10.JAR"><a href="#l42_050a12ab567c19c34ce02f0d2180f81bc7872789">spring-data-commons-3.0.10.jar</a></td><td data-sort-value="cpe:2.3:a:pivotal_software:spring_data_commons:3.0.10:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_data_commons&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_data_commons%3A3.0.10" target="_blank">cpe:2.3:a:pivotal_software:spring_data_commons:3.0.10:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.springframework.data/spring-data-commons@3.0.10"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.data/spring-data-commons@3.0.10?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.data/spring-data-commons@3.0.10</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>32</td></tr><tr class="notvulnerable"><td data-sort-value="SPRING-DATA-JPA-3.0.10.JAR"><a href="#l43_18fb82ea3208f7481be5abe3718fa0537b9710d0">spring-data-jpa-3.0.10.jar</a></td><td data-sort-value="cpe:2.3:a:pivotal_software:spring_data_jpa:3.0.10:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_data_jpa&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_data_jpa%3A3.0.10" target="_blank">cpe:2.3:a:pivotal_software:spring_data_jpa:3.0.10:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.springframework.data/spring-data-jpa@3.0.10"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.data/spring-data-jpa@3.0.10?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.data/spring-data-jpa@3.0.10</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>30</td></tr><tr class=" vulnerable"><td data-sort-value="SPRING-TX-6.0.12.JAR"><a href="#l44_b4e997baac7dd14593f3e4f815e3646279e9a63f">spring-tx-6.0.12.jar</a></td><td data-sort-value="cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.springframework/spring-tx@6.0.12"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-tx@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-tx@6.0.12</a></td><td data-sort-value="75.0">HIGH</td><td>1</td><td data-sort-value="0">Highest</td><td>35</td></tr><tr class=" vulnerable"><td data-sort-value="SPRING-WEB-6.0.12.JAR"><a href="#l45_89a20bbd7c1f973dc246b1d790b34e0b3e28e74d">spring-web-6.0.12.jar</a></td><td data-sort-value="cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:web_project:web:6.0.12:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aweb_project&amp;cpe_product=cpe%3A%2F%3Aweb_project%3Aweb&amp;cpe_version=cpe%3A%2F%3Aweb_project%3Aweb%3A6.0.12" target="_blank">cpe:2.3:a:web_project:web:6.0.12:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.springframework/spring-web@6.0.12"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-web@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-web@6.0.12</a></td><td data-sort-value="81.00000381469727">HIGH</td><td>3</td><td data-sort-value="0">Highest</td><td>35</td></tr><tr class=" vulnerable"><td data-sort-value="SPRING-WEBMVC-6.0.12.JAR"><a href="#l46_c7cf897d23da555a20e570d170f8f1541b04564d">spring-webmvc-6.0.12.jar</a></td><td data-sort-value="cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*cpe:2.3:a:web_project:web:6.0.12:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aweb_project&amp;cpe_product=cpe%3A%2F%3Aweb_project%3Aweb&amp;cpe_version=cpe%3A%2F%3Aweb_project%3Aweb%3A6.0.12" target="_blank">cpe:2.3:a:web_project:web:6.0.12:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.springframework/spring-webmvc@6.0.12"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-webmvc@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-webmvc@6.0.12</a></td><td data-sort-value="75.0">HIGH</td><td>1</td><td data-sort-value="0">Highest</td><td>37</td></tr><tr class="notvulnerable"><td data-sort-value="SWITCH.JS"><a href="#l47_92578ad15f49d805dfbc3b7ca92b9497a25ed2a5">switch.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="THYMELEAF-3.1.2.RELEASE.JAR"><a href="#l48_273997509a4c7aef86cee0521750140c587d9be2">thymeleaf-3.1.2.RELEASE.jar</a></td><td data-sort-value="cpe:2.3:a:thymeleaf:thymeleaf:3.1.2:release:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Athymeleaf&amp;cpe_product=cpe%3A%2F%3Athymeleaf%3Athymeleaf&amp;cpe_version=cpe%3A%2F%3Athymeleaf%3Athymeleaf%3A3.1.2" target="_blank">cpe:2.3:a:thymeleaf:thymeleaf:3.1.2:release:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.thymeleaf/thymeleaf@3.1.2.RELEASE"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.thymeleaf/thymeleaf@3.1.2.RELEASE?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.thymeleaf/thymeleaf@3.1.2.RELEASE</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>23</td></tr><tr class=" vulnerable"><td data-sort-value="TOMCAT-EMBED-CORE-10.1.13.JAR"><a href="#l49_6909967f2ed6c323108c2cc7f20586d6f7eb6455">tomcat-embed-core-10.1.13.jar</a></td><td data-sort-value="cpe:2.3:a:apache:tomcat:10.1.13:*:*:*:*:*:*:*cpe:2.3:a:apache_tomcat:apache_tomcat:10.1.13:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atomcat&amp;cpe_version=cpe%3A%2F%3Aapache%3Atomcat%3A10.1.13" target="_blank">cpe:2.3:a:apache:tomcat:10.1.13:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache_tomcat&amp;cpe_product=cpe%3A%2F%3Aapache_tomcat%3Aapache_tomcat&amp;cpe_version=cpe%3A%2F%3Aapache_tomcat%3Aapache_tomcat%3A10.1.13" target="_blank">cpe:2.3:a:apache_tomcat:apache_tomcat:10.1.13:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13</a></td><td data-sort-value="75.0">HIGH*</td><td>4</td><td data-sort-value="0">Highest</td><td>63</td></tr><tr class="notvulnerable"><td data-sort-value="TOMCAT-EMBED-EL-10.1.13.JAR"><a href="#l50_22c8845f7528334905c582e48a3eeefab616b0a5">tomcat-embed-el-10.1.13.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.13"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.13?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.13</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>33</td></tr><tr class="notvulnerable"><td data-sort-value="TXW2-4.0.3.JAR"><a href="#l51_47b8fe31c6d1a3382203af919400527389e01e9c">txw2-4.0.3.jar</a></td><td data-sort-value="cpe:2.3:a:eclipse:glassfish:4.0.3:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aeclipse&amp;cpe_product=cpe%3A%2F%3Aeclipse%3Aglassfish&amp;cpe_version=cpe%3A%2F%3Aeclipse%3Aglassfish%3A4.0.3" target="_blank">cpe:2.3:a:eclipse:glassfish:4.0.3:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.glassfish.jaxb/txw2@4.0.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.glassfish.jaxb/txw2@4.0.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.glassfish.jaxb/txw2@4.0.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>34</td></tr><tr class="notvulnerable"><td data-sort-value="UNBESCAPE-1.1.6.RELEASE.JAR"><a href="#l52_7b90360afb2b860e09e8347112800d12c12b2a13">unbescape-1.1.6.RELEASE.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.unbescape/unbescape@1.1.6.RELEASE"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.unbescape/unbescape@1.1.6.RELEASE?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.unbescape/unbescape@1.1.6.RELEASE</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>42</td></tr></table><p>* indicates the dependency has a known exploited vulnerability</p><h2 id="header-dependencies">Dependencies (vulnerable)</h2> <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l1_6eb7552156e0d517ae80cc2247be1427c8d90452"></a>HdrHistogram-2.1.12.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        HdrHistogram supports the recording and analyzing sampled data value
        counts across a configurable integer value range with configurable value
        precision within the range. Value precision is expressed as the number of
        significant digits in the value recording, and provides control over value
        quantization behavior across the value range and the subsequent value
        resolution at any given level.
    </pre></p><p><b>License:</b><pre class="indent">Public Domain, per Creative Commons CC0: http://creativecommons.org/publicdomain/zero/1.0/
BSD-2-Clause: https://opensource.org/licenses/BSD-2-Clause</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\hdrhistogram\HdrHistogram\2.1.12\HdrHistogram-2.1.12.jar<br/><b>MD5:</b>&nbsp;4b1acf3448b750cb485da7e37384fcd8<br/><b>SHA1:</b>&nbsp;6eb7552156e0d517ae80cc2247be1427c8d90452<br/><b>SHA256:</b>9b47fbae444feaac4b7e04f0ea294569e4bc282bc69d8c2ce2ac3f23577281e2<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">HdrHistogram-2.1.12.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.0.11</p><h4 id="header1" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content1" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>HdrHistogram</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>hdrhistogram</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.hdrhistogram.HdrHistogram</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.hdrhistogram</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>HdrHistogram</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>HdrHistogram</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>giltene</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Gil Tene</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.hdrhistogram</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>HdrHistogram</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://hdrhistogram.github.io/HdrHistogram/</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>HdrHistogram</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>hdrhistogram</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>HdrHistogram</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.hdrhistogram.HdrHistogram</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>HdrHistogram</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>HdrHistogram</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>HdrHistogram</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>giltene</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Gil Tene</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.hdrhistogram</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>HdrHistogram</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://hdrhistogram.github.io/HdrHistogram/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.1.12</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.1.12</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.1.12</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.1.12</td><td>Highest</td></tr></table></div><h4 id="header2" class="subsectionheader white">Identifiers</h4><div id="content2" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hdrhistogram/HdrHistogram@2.1.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.hdrhistogram/HdrHistogram@2.1.12</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l2_a74c7f0a37046846e88d54f7cb6ea6d565c65f9c"></a>HikariCP-5.0.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Ultimate JDBC Connection Pool</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\com\zaxxer\HikariCP\5.0.1\HikariCP-5.0.1.jar<br/><b>MD5:</b>&nbsp;3bc96d2ce8285470da11ec41bff6129f<br/><b>SHA1:</b>&nbsp;a74c7f0a37046846e88d54f7cb6ea6d565c65f9c<br/><b>SHA256:</b>26d492397e6775b4296737a8919bf04047afe5827fdd2c08b4557595436b3a2b<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">HikariCP-5.0.1.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header3" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content3" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>HikariCP</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>pool</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>zaxxer</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/brettwooldridge</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.zaxxer.HikariCP</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>HikariCP</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>HikariCP</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>brett.wooldridge@gmail.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Brett Wooldridge</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.zaxxer</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>HikariCP</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Zaxxer.com</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>brettwooldridge</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>brettwooldridge/HikariCP</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>HikariCP</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>11</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>pool</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>zaxxer</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/brettwooldridge</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>HikariCP</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.zaxxer.HikariCP</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>HikariCP</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>brett.wooldridge@gmail.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Brett Wooldridge</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>com.zaxxer</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>HikariCP</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Zaxxer.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>brettwooldridge</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>brettwooldridge/HikariCP</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>5.0.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>5.0.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>5.0.1</td><td>Highest</td></tr></table></div><h4 id="header4" class="subsectionheader white">Identifiers</h4><div id="content4" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.zaxxer/HikariCP@5.0.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.zaxxer/HikariCP@5.0.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l3_769c0b82cb2421c8256300e907298a9410a2a3d3"></a>LatencyUtils-2.0.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        LatencyUtils is a package that provides latency recording and reporting utilities.
    </pre></p><p><b>License:</b><pre class="indent">Public Domain, per Creative Commons CC0: http://creativecommons.org/publicdomain/zero/1.0/</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\latencyutils\LatencyUtils\2.0.3\LatencyUtils-2.0.3.jar<br/><b>MD5:</b>&nbsp;2ad12e1ef7614cecfb0483fa9ac6da73<br/><b>SHA1:</b>&nbsp;769c0b82cb2421c8256300e907298a9410a2a3d3<br/><b>SHA256:</b>a32a9ffa06b2f4e01c5360f8f9df7bc5d9454a5d373cd8f361347fa5a57165ec<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">LatencyUtils-2.0.3.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.0.11</p><h4 id="header5" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content5" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>LatencyUtils</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>latencyutils</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>latencyutils</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>LatencyUtils</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>LatencyUtils</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>giltene</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Gil Tene</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.latencyutils</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>LatencyUtils</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://latencyutils.github.io/LatencyUtils/</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>LatencyUtils</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>latencyutils</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>LatencyUtils</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>giltene</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Gil Tene</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.latencyutils</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>LatencyUtils</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://latencyutils.github.io/LatencyUtils/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.0.3</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0.3</td><td>Highest</td></tr></table></div><h4 id="header6" class="subsectionheader white">Identifiers</h4><div id="content6" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.latencyutils/LatencyUtils@2.0.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.latencyutils/LatencyUtils@2.0.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Autils_project&amp;cpe_product=cpe%3A%2F%3Autils_project%3Autils&amp;cpe_version=cpe%3A%2F%3Autils_project%3Autils%3A2.0.3" target="_blank">cpe:2.3:a:utils_project:utils:2.0.3:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="LatencyUtils-2.0.3.jar" data-sha1="769c0b82cb2421c8256300e907298a9410a2a3d3" data-pkgurl="pkg:maven/org.latencyutils/LatencyUtils@2.0.3" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:utils_project:utils">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l4_eaafaf4eb71b400e4136fc3a286f50e34a68ecb7"></a>angus-activation-2.0.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre> Implementation</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\eclipse\angus\angus-activation\2.0.1\angus-activation-2.0.1.jar<br/><b>MD5:</b>&nbsp;9a66564224140488f83f645ac32d4169<br/><b>SHA1:</b>&nbsp;eaafaf4eb71b400e4136fc3a286f50e34a68ecb7<br/><b>SHA256:</b>b226761815868edf8964c1d71e6d2d54ab238c2788507061b4e0633933b4c131<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">angus-activation-2.0.1.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header7" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content7" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>angus-activation</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>activation</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>angus</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>eclipse</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>angus-activation</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>org.eclipse.angus</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-id</td><td>2.0.1-RELEASE-b350e3d</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>provide-capability</td><td>osgi.serviceloader;osgi.serviceloader=&quot;jakarta.activation.spi.MailcapRegistryProvider&quot;,osgi.serviceloader;osgi.serviceloader=&quot;jakarta.activation.spi.MimeTypeRegistryProvider&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Eclipse Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>angus-activation</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>angus-activation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.eclipse.angus</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Angus Activation Registries</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>angus-activation-project</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>angus-activation</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>activation</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>angus</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>eclipse</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Angus Activation Registries</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>angus-activation</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>org.eclipse.angus</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-id</td><td>2.0.1-RELEASE-b350e3d</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Angus Activation Registries</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>provide-capability</td><td>osgi.serviceloader;osgi.serviceloader=&quot;jakarta.activation.spi.MailcapRegistryProvider&quot;,osgi.serviceloader;osgi.serviceloader=&quot;jakarta.activation.spi.MimeTypeRegistryProvider&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Jakarta Activation Specification</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>angus-activation</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.eclipse.angus</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Angus Activation Registries</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>angus-activation-project</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.0.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.0.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0.1</td><td>Highest</td></tr></table></div><h4 id="header8" class="subsectionheader white">Identifiers</h4><div id="content8" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.eclipse.angus/angus-activation@2.0.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.eclipse.angus/angus-activation@2.0.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l5_10839f875928f59c622d675091d51a43ea0dc5f7"></a>antlr4-runtime-4.10.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The ANTLR 4 Runtime</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.antlr.org/license.html">http://www.antlr.org/license.html</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\antlr\antlr4-runtime\4.10.1\antlr4-runtime-4.10.1.jar<br/><b>MD5:</b>&nbsp;b694fc738bf1a7e8f7eea2638ef2cc7f<br/><b>SHA1:</b>&nbsp;10839f875928f59c622d675091d51a43ea0dc5f7<br/><b>SHA256:</b>da66be0c98acfb29bc708300d05f1a3269c40f9984a4cb9251cf2ba1898d1334<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">antlr4-runtime-4.10.1.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header9" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content9" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>antlr4-runtime</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>antlr</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>runtime</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.antlr.antlr4.runtime</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.antlr.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.antlr.antlr4-runtime</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://www.antlr.org/runtime/antlr4-runtime</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>ANTLR</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.antlr</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>antlr4-runtime</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>antlr4-runtime</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.antlr</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>ANTLR 4 Runtime</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>antlr4-master</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>antlr4-runtime</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>antlr</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>runtime</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.antlr.antlr4.runtime</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.antlr.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>ANTLR 4 Runtime</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.antlr.antlr4-runtime</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>ANTLR 4 Runtime</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://www.antlr.org/runtime/antlr4-runtime</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>antlr4-runtime</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.antlr</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>ANTLR 4 Runtime</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>antlr4-master</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>4.10.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>4.10.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>4.10.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.10.1</td><td>Highest</td></tr></table></div><h4 id="header10" class="subsectionheader white">Identifiers</h4><div id="content10" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.antlr/antlr4-runtime@4.10.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.antlr/antlr4-runtime@4.10.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l6_da562407e43f74c0f8f5f5df4065d85ec1736d01"></a>aspectjweaver-1.9.20.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The AspectJ weaver applies aspects to Java classes. It can be used as a Java agent in order to apply load-time
		weaving (LTW) during class-loading and also contains the AspectJ runtime classes.</pre></p><p><b>License:</b><pre class="indent">Eclipse Public License - v 2.0: https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\aspectj\aspectjweaver\1.9.20\aspectjweaver-1.9.20.jar<br/><b>MD5:</b>&nbsp;ef7702f24bc16a5b1714b0316a30a438<br/><b>SHA1:</b>&nbsp;da562407e43f74c0f8f5f5df4065d85ec1736d01<br/><b>SHA256:</b>76f6deae35ae286088b597718ac29ec18b8f8d96e373fb358e25b928a2a142c2<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">aspectjweaver-1.9.20.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header11" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content11" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>aspectjweaver</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>agent</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>and</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>aspectj</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>aspects</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>ltw</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>runtime</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>weaver</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.aspectj.weaver</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>can-redefine-classes</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>manifest: org/aspectj/weaver/</td><td>Implementation-Vendor</td><td>https://www.eclipse.org/aspectj/</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>aspectjweaver</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>aspectjweaver</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>aclement@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>kriegaex@aspectj.dev</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>aclement</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>kriegaex</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Alexander Kriegisch</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Andy Clement</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.aspectj</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>AspectJ Weaver</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://www.eclipse.org/aspectj/</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>aspectjweaver</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>agent</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>and</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>aspectj</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>aspects</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>ltw</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>runtime</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>weaver</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.aspectj.weaver</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>can-redefine-classes</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>manifest: org/aspectj/weaver/</td><td>Implementation-Title</td><td>org.aspectj.weaver</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: org/aspectj/weaver/</td><td>Specification-Title</td><td>AspectJ Weaver Classes</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>aspectjweaver</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>aclement@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>kriegaex@aspectj.dev</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>aclement</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>kriegaex</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Alexander Kriegisch</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Andy Clement</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.aspectj</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>AspectJ Weaver</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://www.eclipse.org/aspectj/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.9.20</td><td>High</td></tr><tr><td>Version</td><td>manifest: org/aspectj/weaver/</td><td>Implementation-Version</td><td>1.9.20</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.9.20</td><td>Highest</td></tr></table></div><h4 id="header12" class="subsectionheader white">Identifiers</h4><div id="content12" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.aspectj/aspectjweaver@1.9.20?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.aspectj/aspectjweaver@1.9.20</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l7_e5d0e988d9124139d645bb5872b24dfa23e283cc"></a>attoparser-2.0.7.RELEASE.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Powerful, fast and easy to use HTML and XML parser for Java</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\attoparser\attoparser\2.0.7.RELEASE\attoparser-2.0.7.RELEASE.jar<br/><b>MD5:</b>&nbsp;fd09ceba7061e05460e74e0e1e64f233<br/><b>SHA1:</b>&nbsp;e5d0e988d9124139d645bb5872b24dfa23e283cc<br/><b>SHA256:</b>75dd1c045492bff8e1963aabb28bfe903c2064e11e27fe2f0f0aff1ad3d84476<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">attoparser-2.0.7.RELEASE.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</p><h4 id="header13" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content13" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>attoparser</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>attoparser</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>attoparser</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.attoparser.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.attoparser</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://www.attoparser.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The ATTOPARSER team</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.attoparser</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The ATTOPARSER team</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>attoparser</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>attoparser</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>daniel.fernandez AT 11thlabs DOT org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>dfernandez</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Daniel Fernandez</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.attoparser</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>attoparser</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>The ATTOPARSER team</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://www.attoparser.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://www.attoparser.org</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>attoparser</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>attoparser</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>attoparser</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.attoparser.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>attoparser</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.attoparser</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>attoparser</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://www.attoparser.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>attoparser</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>attoparser</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>daniel.fernandez AT 11thlabs DOT org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>dfernandez</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Daniel Fernandez</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.attoparser</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>attoparser</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>The ATTOPARSER team</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://www.attoparser.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://www.attoparser.org</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.0.7.RELEASE</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.0.7.RELEASE</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0.7.RELEASE</td><td>Highest</td></tr></table></div><h4 id="header14" class="subsectionheader white">Identifiers</h4><div id="content14" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.attoparser/attoparser@2.0.7.RELEASE?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.attoparser/attoparser@2.0.7.RELEASE</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l8_d470526e8c4566c04e9ae5d3ccb62d1a7aa58986"></a>byte-buddy-1.12.23.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        Byte Buddy is a Java library for creating Java classes at run time.
        This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.
    </pre></p><p><b>License:</b><pre class="indent"><a href="https://www.apache.org/licenses/LICENSE-2.0.txt">https://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\net\bytebuddy\byte-buddy\1.12.23\byte-buddy-1.12.23.jar<br/><b>MD5:</b>&nbsp;bdf44dc7543f6bf2728b6e7d32e3bf8c<br/><b>SHA1:</b>&nbsp;d470526e8c4566c04e9ae5d3ccb62d1a7aa58986<br/><b>SHA256:</b>0433a8e4efcc5e137ceb6e7e1d83c2f1f95057c13b66fb92a901f883cb4df4b4<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">byte-buddy-1.12.23.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header15" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content15" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>byte-buddy</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>build</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>bytebuddy</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>net</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>net.bytebuddy.byte-buddy</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>byte-buddy</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>byte-buddy</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>net.bytebuddy</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Byte Buddy (without dependencies)</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>byte-buddy-parent</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>byte-buddy</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>build</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>bytebuddy</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>net</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Byte Buddy (without dependencies)</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>net.bytebuddy.byte-buddy</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>byte-buddy</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>net.bytebuddy</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Byte Buddy (without dependencies)</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>byte-buddy-parent</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.12.23</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.12.23</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.12.23</td><td>Highest</td></tr></table></div><h4 id="header16" class="subsectionheader white">Identifiers</h4><div id="content16" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/net.bytebuddy/byte-buddy@1.12.23?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/net.bytebuddy/byte-buddy@1.12.23</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l9_3fe0bed568c62df5e89f4f174c101eab25345b6c"></a>classmate-1.5.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Library for introspecting types with full generic information
        including resolving of field and method types.
    </pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\com\fasterxml\classmate\1.5.1\classmate-1.5.1.jar<br/><b>MD5:</b>&nbsp;e91fcd30ba329fd1b0b6dc5321fd067c<br/><b>SHA1:</b>&nbsp;3fe0bed568c62df5e89f4f174c101eab25345b6c<br/><b>SHA256:</b>aab4de3006808c09d25dd4ff4a3611cfb63c95463cfd99e73d2e1680d229a33b<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">classmate-1.5.1.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header17" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content17" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>classmate</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>classmate</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>types</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>com.fasterxml.classmate</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/java-classmate</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.classmate</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-date</td><td>2019-10-19 22:46:35+0000</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>fasterxml.com</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>fasterxml.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>classmate</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>classmate</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>blangel@ocheyedan.net</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>tatu@fasterxml.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>blangel</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>tatu</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Brian Langel</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Tatu Saloranta</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.fasterxml</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>ClassMate</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>fasterxml.com</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://fasterxml.com</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>oss-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>FasterXML/java-classmate</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>classmate</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>classmate</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>types</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>com.fasterxml.classmate</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/java-classmate</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>ClassMate</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.classmate</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-date</td><td>2019-10-19 22:46:35+0000</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>ClassMate</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>ClassMate</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>classmate</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>blangel@ocheyedan.net</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>tatu@fasterxml.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>blangel</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>tatu</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Brian Langel</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Tatu Saloranta</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>com.fasterxml</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>ClassMate</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>fasterxml.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://fasterxml.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>oss-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>FasterXML/java-classmate</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.5.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.5.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.5.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.5.1</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.5.1</td><td>Highest</td></tr></table></div><h4 id="header18" class="subsectionheader white">Identifiers</h4><div id="content18" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml/classmate@1.5.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml/classmate@1.5.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l10_77a5f94b56d49508e0ee334751db5b78e5ccd50c"></a>hibernate-commons-annotations-6.0.6.Final.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Common reflection code used in support of annotation processing</pre></p><p><b>License:</b><pre class="indent">GNU Library General Public License v2.1 or later: http://www.opensource.org/licenses/LGPL-2.1</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\hibernate\common\hibernate-commons-annotations\6.0.6.Final\hibernate-commons-annotations-6.0.6.Final.jar<br/><b>MD5:</b>&nbsp;c155df7d9f04d15f3f6bbe79f4907074<br/><b>SHA1:</b>&nbsp;77a5f94b56d49508e0ee334751db5b78e5ccd50c<br/><b>SHA256:</b>cd974e0a8481fafdbaf9b4a0f08bb5a6c969b0365482763eedf77e6fd7f493b7<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">hibernate-commons-annotations-6.0.6.Final.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header19" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content19" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>hibernate-commons-annotations</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>redhat</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>annotations</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>common</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>hibernate</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>reflection</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://hibernate.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Hibernate.org</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.hibernate</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>hibernate-commons-annotations</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>hibernate-commons-annotations</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>hibernate-team</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>The Hibernate Development Team</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>Hibernate.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org URL</td><td>http://hibernate.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.hibernate.common</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Hibernate Commons Annotations</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Hibernate.org</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://hibernate.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://hibernate.org</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>hibernate-commons-annotations</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>annotations</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>common</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>hibernate</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>reflection</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>hibernate-commons-annotations</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>hibernate-team</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>The Hibernate Development Team</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>Hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org URL</td><td>http://hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.hibernate.common</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Hibernate Commons Annotations</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://hibernate.org</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>6.0.6.Final</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.0.6.Final</td><td>Highest</td></tr></table></div><h4 id="header20" class="subsectionheader white">Identifiers</h4><div id="content20" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hibernate.common/hibernate-commons-annotations@6.0.6.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.hibernate.common/hibernate-commons-annotations@6.0.6.Final</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l11_343f47b34c96fe9c44bf9b219a7b3c5d6d2fc90e"></a>hibernate-core-6.1.7.Final.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Hibernate's core ORM functionality</pre></p><p><b>License:</b><pre class="indent">GNU Library General Public License v2.1 or later: https://www.opensource.org/licenses/LGPL-2.1</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\hibernate\orm\hibernate-core\6.1.7.Final\hibernate-core-6.1.7.Final.jar<br/><b>MD5:</b>&nbsp;2411aa8e05f0d659aa74257cac5742ec<br/><b>SHA1:</b>&nbsp;343f47b34c96fe9c44bf9b219a7b3c5d6d2fc90e<br/><b>SHA256:</b>6e7d909f4c93180f474e9658174a3fc3693b42ddc9e50f451708ee79ef5f5443<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">hibernate-core-6.1.7.Final.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header21" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content21" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>hibernate-core</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>redhat</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>hibernate</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>-exportcontents</td><td>*;version=6.1.7.Final</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>-noextraheaders</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>-reproducible</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.hibernate.orm.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.hibernate.org/orm/6.1</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.hibernate.orm.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://hibernate.org/orm</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Hibernate.org</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.hibernate</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Hibernate.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>hibernate-core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>hibernate-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>hibernate-team</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>The Hibernate Development Team</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>Hibernate.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org URL</td><td>https://hibernate.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.hibernate.orm</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Hibernate ORM - hibernate-core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Hibernate.org</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://hibernate.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://hibernate.org/orm</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>hibernate-core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>hibernate</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>version</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>-exportcontents</td><td>*;version=6.1.7.Final</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>-noextraheaders</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>-reproducible</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.hibernate.orm.core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.hibernate.org/orm/6.1</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>hibernate-core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.hibernate.orm.core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>hibernate-core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://hibernate.org/orm</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>hibernate-core</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>hibernate-core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>hibernate-team</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>The Hibernate Development Team</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>Hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org URL</td><td>https://hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.hibernate.orm</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Hibernate ORM - hibernate-core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://hibernate.org/orm</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>6.1.7.Final</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.1.7.Final</td><td>Highest</td></tr></table></div><h4 id="header22" class="subsectionheader white">Identifiers</h4><div id="content22" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hibernate.orm/hibernate-core@6.1.7.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.hibernate.orm/hibernate-core@6.1.7.Final</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Ahibernate&amp;cpe_product=cpe%3A%2F%3Ahibernate%3Ahibernate_orm&amp;cpe_version=cpe%3A%2F%3Ahibernate%3Ahibernate_orm%3A6.1.7" target="_blank">cpe:2.3:a:hibernate:hibernate_orm:6.1.7:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="hibernate-core-6.1.7.Final.jar" data-sha1="343f47b34c96fe9c44bf9b219a7b3c5d6d2fc90e" data-pkgurl="pkg:maven/org.hibernate.orm/hibernate-core@6.1.7.Final" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:hibernate:hibernate_orm">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l12_e49e116b3d3928060599b176b3538bb848718e95"></a>hibernate-validator-8.0.1.Final.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Hibernate's Jakarta Bean Validation reference implementation.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\hibernate\validator\hibernate-validator\8.0.1.Final\hibernate-validator-8.0.1.Final.jar<br/><b>MD5:</b>&nbsp;66985b6bf8da17611031e2421c235241<br/><b>SHA1:</b>&nbsp;e49e116b3d3928060599b176b3538bb848718e95<br/><b>SHA256:</b>8c1244a498231091fe723d9666a93444ee9f93607245c6b29829dc5fe57a335c<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">hibernate-validator-8.0.1.Final.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-validation@3.0.11</p><h4 id="header23" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content23" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>hibernate-validator</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>redhat</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>engine</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>hibernate</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>validator</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://hibernate.org/validator/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>org.hibernate.validator</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>hibernate-validator</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>hibernate-validator</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.hibernate.validator</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Hibernate Validator Engine</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>hibernate-validator-parent</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>hibernate-validator</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>engine</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>hibernate</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>validator</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Hibernate Validator Engine</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>hibernate-validator</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://hibernate.org/validator/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Jakarta Bean Validation</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>hibernate-validator</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.hibernate.validator</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Hibernate Validator Engine</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>hibernate-validator-parent</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>8.0.1.Final</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>8.0.1.Final</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>8.0.1.Final</td><td>Highest</td></tr></table></div><h4 id="header24" class="subsectionheader white">Identifiers</h4><div id="content24" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hibernate.validator/hibernate-validator@8.0.1.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.hibernate.validator/hibernate-validator@8.0.1.Final</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aredhat&amp;cpe_product=cpe%3A%2F%3Aredhat%3Ahibernate_validator&amp;cpe_version=cpe%3A%2F%3Aredhat%3Ahibernate_validator%3A8.0.1" target="_blank">cpe:2.3:a:redhat:hibernate_validator:8.0.1:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="hibernate-validator-8.0.1.Final.jar" data-sha1="e49e116b3d3928060599b176b3538bb848718e95" data-pkgurl="pkg:maven/org.hibernate.validator/hibernate-validator@8.0.1.Final" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:redhat:hibernate_validator">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l13_18ec117c85f3ba0ac65409136afa8e42bc74e739"></a>istack-commons-runtime-4.1.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>istack common utility code</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\com\sun\istack\istack-commons-runtime\4.1.2\istack-commons-runtime-4.1.2.jar<br/><b>MD5:</b>&nbsp;535154ef647af2a52478c4debec93659<br/><b>SHA1:</b>&nbsp;18ec117c85f3ba0ac65409136afa8e42bc74e739<br/><b>SHA256:</b>7fd6792361f4dd00f8c56af4a20cecc0066deea4a8f3dec38348af23fc2296ee<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">istack-commons-runtime-4.1.2.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header25" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content25" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>istack-commons-runtime</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>istack</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>sun</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar (hint)</td><td>package name</td><td>oracle</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.sun.istack.commons-runtime</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-id</td><td>4.1.2 - 343a28e</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.sun.istack</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>istack-commons-runtime</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>istack-commons-runtime</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.sun.istack</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>istack common utility code runtime</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>istack-commons</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>istack-commons-runtime</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>istack</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>sun</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>istack common utility code runtime</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.sun.istack.commons-runtime</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-id</td><td>4.1.2 - 343a28e</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>istack-commons-runtime</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>com.sun.istack</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>istack common utility code runtime</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>istack-commons</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>4.1.2</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>4.1.2</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>implementation-build-id</td><td>4.1.2</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.1.2</td><td>Highest</td></tr></table></div><h4 id="header26" class="subsectionheader white">Identifiers</h4><div id="content26" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.sun.istack/istack-commons-runtime@4.1.2?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.sun.istack/istack-commons-runtime@4.1.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l14_4fa101f81504ed6811bf1823270adb51a9b45ff3"></a>jackson-core-2.14.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Core Jackson processing abstractions (aka Streaming API), implementation for JSON</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\com\fasterxml\jackson\core\jackson-core\2.14.3\jackson-core-2.14.3.jar<br/><b>MD5:</b>&nbsp;abb25b80cda20ddc2cd3bbd8fccd0d34<br/><b>SHA1:</b>&nbsp;4fa101f81504ed6811bf1823270adb51a9b45ff3<br/><b>SHA256:</b>7ee2debad3c002e97b28b84d5f1b2044a38e780abb673948238f5bc656e2fe44<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">jackson-core-2.14.3.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11</p><h4 id="header27" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content27" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jackson-core</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>base</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jackson</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>json</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/jackson-core</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>FasterXML</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml.jackson.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>FasterXML</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jackson-core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jackson-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Jackson-core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jackson-base</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>FasterXML/jackson-core</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jackson-core</td><td>High</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>java8</td><td>Highest</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>modules</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>base</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jackson</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>json</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/jackson-core</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Jackson-core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Jackson-core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Jackson-core</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jackson-core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>com.fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Jackson-core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jackson-base</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>FasterXML/jackson-core</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.14.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.14.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.14.3</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.14.3</td><td>Highest</td></tr></table></div><h4 id="header28" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content28" class="subsectioncontent standardsubsection hidden"><ul><li>jackson-annotations-2.14.3.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\com\fasterxml\jackson\core\jackson-annotations\2.14.3\jackson-annotations-2.14.3.jar</li><li>MD5:&nbsp;f6ee414687751fbadc55998ec49b3ea6</li><li>SHA1:&nbsp;b49701acb02b8e95ae1967821cfbafc220cf5795</li><li>SHA256:&nbsp;ea1b3a9ec60a353f4d7e78559c7140abb9bcf71b31456e9d57c8289f7cf397f1</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.14.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.14.3</a></li></ul></li><li>jackson-datatype-jdk8-2.14.3.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\com\fasterxml\jackson\datatype\jackson-datatype-jdk8\2.14.3\jackson-datatype-jdk8-2.14.3.jar</li><li>MD5:&nbsp;ee475f4ed705a573dd2643f568b4b118</li><li>SHA1:&nbsp;09474ab543a65867461f8326c8fa0494b3efc761</li><li>SHA256:&nbsp;174dff10d8b8a762354401346317be3844f31f807a68eb72ce2b287ca273f4a4</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.14.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.14.3</a></li></ul></li><li>jackson-datatype-jsr310-2.14.3.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\com\fasterxml\jackson\datatype\jackson-datatype-jsr310\2.14.3\jackson-datatype-jsr310-2.14.3.jar</li><li>MD5:&nbsp;f46a0cd9e2cb7d4d660dac70eb0f4526</li><li>SHA1:&nbsp;35f7f751c3555dadccb6f173f9ac1e035a648da3</li><li>SHA256:&nbsp;0b1b6d0267f939fe1c2d3167d33176a0b9f8c9b38444787d281e846beddf9ad6</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.14.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.14.3</a></li></ul></li><li>jackson-module-parameter-names-2.14.3.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\com\fasterxml\jackson\module\jackson-module-parameter-names\2.14.3\jackson-module-parameter-names-2.14.3.jar</li><li>MD5:&nbsp;669ec2c369ec7efc30323c8d89e9691f</li><li>SHA1:&nbsp;fa8f81ea27d89cf73539bbc72c6304a30bcab631</li><li>SHA256:&nbsp;322996c934cf2a9044c0314809727cfe75b0e7e87b7acedaa666e63b19f755a8</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.14.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.14.3</a></li></ul></li></ul></div><h4 id="header29" class="subsectionheader white">Identifiers</h4><div id="content29" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.14.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-core@2.14.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li>cpe:2.3:a:fasterxml:jackson-modules-java8:2.14.3:*:*:*:*:*:*:*&nbsp;&nbsp;(<i>Confidence</i>:Low)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="jackson-core-2.14.3.jar" data-sha1="4fa101f81504ed6811bf1823270adb51a9b45ff3" data-pkgurl="pkg:maven/com.fasterxml.jackson.core/jackson-core@2.14.3" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:fasterxml:jackson-modules-java8">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l15_ba0373b04bf0f03b0cd268cd2e5e8444aaaf9208"></a>jackson-databind-2.14.3.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>General data-binding functionality for Jackson: works on core streaming API</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\com\fasterxml\jackson\core\jackson-databind\2.14.3\jackson-databind-2.14.3.jar<br/><b>MD5:</b>&nbsp;d9aed5b42f6769cb06d6802250aed19b<br/><b>SHA1:</b>&nbsp;ba0373b04bf0f03b0cd268cd2e5e8444aaaf9208<br/><b>SHA256:</b>ef0694046dc86e8a601e69efef24cda88a85773aaf012f5b9b1167d6f2e7de45<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">jackson-databind-2.14.3.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11</p><h4 id="header30" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content30" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jackson-databind</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>databind</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jackson</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/jackson</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-databind</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>FasterXML</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml.jackson.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>FasterXML</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jackson-databind</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jackson-databind</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>jackson-databind</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jackson-base</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>FasterXML/jackson</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jackson-databind</td><td>High</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>java8</td><td>Highest</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>modules</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>databind</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jackson</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/jackson</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>jackson-databind</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-databind</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>jackson-databind</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>jackson-databind</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jackson-databind</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>com.fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>jackson-databind</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jackson-base</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>FasterXML/jackson</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.14.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.14.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.14.3</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.14.3</td><td>Highest</td></tr></table></div><h4 id="header31" class="subsectionheader white">Identifiers</h4><div id="content31" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Afasterxml&amp;cpe_product=cpe%3A%2F%3Afasterxml%3Ajackson-databind&amp;cpe_version=cpe%3A%2F%3Afasterxml%3Ajackson-databind%3A2.14.3" target="_blank">cpe:2.3:a:fasterxml:jackson-databind:2.14.3:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="jackson-databind-2.14.3.jar" data-sha1="ba0373b04bf0f03b0cd268cd2e5e8444aaaf9208" data-pkgurl="pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.3" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:fasterxml:jackson-databind">suppress</button></li><li>cpe:2.3:a:fasterxml:jackson-modules-java8:2.14.3:*:*:*:*:*:*:*&nbsp;&nbsp;(<i>Confidence</i>:Low)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="jackson-databind-2.14.3.jar" data-sha1="ba0373b04bf0f03b0cd268cd2e5e8444aaaf9208" data-pkgurl="pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.3" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:fasterxml:jackson-modules-java8">suppress</button></li></ul></div><h4 id="header32" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content32" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35116">CVE-2023-35116</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="jackson-databind-2.14.3.jar" data-sha1="ba0373b04bf0f03b0cd268cd2e5e8444aaaf9208" data-pkgurl="pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.3" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-35116">suppress</button></p><p><pre>jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.</pre>CWE-770 Allocation of Resources Without Limits or Throttling<br/><br/>CVSSv3:<ul><li>Base Score: MEDIUM (4.7)</li><li>Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:1.0/RC:R/MAV:A</li></ul><br/>References:<ul><li>cve@mitre.org - <a target="_blank" href="https://github.com/FasterXML/jackson-databind/issues/3972">ISSUE_TRACKING</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs1"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Afasterxml%3Ajackson-databind">cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:* versions up to (excluding) 2.16.0</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l16_640c0d5aff45dbff1e1a1bc09673ff3a02b1ba12"></a>jakarta.activation-api-2.1.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>  Specification</pre></p><p><b>License:</b><pre class="indent">EDL 1.0: http://www.eclipse.org/org/documents/edl-v10.php</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\jakarta\activation\jakarta.activation-api\2.1.2\jakarta.activation-api-2.1.2.jar<br/><b>MD5:</b>&nbsp;1af11450fafc7ee26c633d940286bc16<br/><b>SHA1:</b>&nbsp;640c0d5aff45dbff1e1a1bc09673ff3a02b1ba12<br/><b>SHA256:</b>f53f578dd0eb4170c195a4e215c59a38abfb4123dcb95dd902fef92876499fbb<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">jakarta.activation-api-2.1.2.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-test@3.0.11</p><h4 id="header33" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content33" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.activation-api</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>activation</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.activation-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>jakarta.activation</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-id</td><td>0750e49</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Eclipse Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.activation-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.activation-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>bill.shannon@oracle.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>shannon</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Bill Shannon</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>Oracle</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.activation</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Jakarta Activation API</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>jakartaee/jaf-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom (hint)</td><td>developer org</td><td>sun</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.activation-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>activation</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Jakarta Activation API</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.activation-api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>jakarta.activation</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-id</td><td>0750e49</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Jakarta Activation API</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Jakarta Activation Specification</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.activation-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>bill.shannon@oracle.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>shannon</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Bill Shannon</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>Oracle</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.activation</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Jakarta Activation API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>jakartaee/jaf-api</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.1.2</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.1.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>2.1.2</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.1.2</td><td>Highest</td></tr></table></div><h4 id="header34" class="subsectionheader white">Identifiers</h4><div id="content34" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.activation/jakarta.activation-api@2.1.2?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.activation/jakarta.activation-api@2.1.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l17_48b9bda22b091b1f48b13af03fe36db3be6e1ae3"></a>jakarta.annotation-api-2.1.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Jakarta Annotations API</pre></p><p><b>License:</b><pre class="indent">EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\jakarta\annotation\jakarta.annotation-api\2.1.1\jakarta.annotation-api-2.1.1.jar<br/><b>MD5:</b>&nbsp;5dac2f68e8288d0add4dc92cb161711d<br/><b>SHA1:</b>&nbsp;48b9bda22b091b1f48b13af03fe36db3be6e1ae3<br/><b>SHA256:</b>5f65fdaf424eee2b55e1d882ba9bb376be93fb09b37b808be6e22e8851c909fe<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">jakarta.annotation-api-2.1.1.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header35" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content35" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.annotation-api</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>annotation</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.annotation-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>jakarta.annotation</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.glassfish</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Eclipse Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.annotation-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.annotation-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Dmitry Kornilov</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Linda De Michiel</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>Oracle Corp.</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.annotation</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Jakarta Annotations API</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://projects.eclipse.org/projects/ee4j.ca</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.annotation-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>annotation</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Jakarta Annotations API</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.annotation-api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>jakarta.annotation</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.annotation-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Dmitry Kornilov</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Linda De Michiel</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>Oracle Corp.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.annotation</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Jakarta Annotations API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://projects.eclipse.org/projects/ee4j.ca</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.1.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.1.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.1.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>2.1.1</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.1.1</td><td>Highest</td></tr></table></div><h4 id="header36" class="subsectionheader white">Identifiers</h4><div id="content36" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li>cpe:2.3:a:oracle:projects:2.1.1:*:*:*:*:*:*:*&nbsp;&nbsp;(<i>Confidence</i>:Low)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="jakarta.annotation-api-2.1.1.jar" data-sha1="48b9bda22b091b1f48b13af03fe36db3be6e1ae3" data-pkgurl="pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:oracle:projects">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l18_46fc8560b6fd17b78396d88f39c1a730457671f0"></a>jakarta.inject-api-2.0.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Jakarta Dependency Injection</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\jakarta\inject\jakarta.inject-api\2.0.0\jakarta.inject-api-2.0.0.jar<br/><b>MD5:</b>&nbsp;6dcba3a46ee8556a4d4312c1c2bd4d79<br/><b>SHA1:</b>&nbsp;46fc8560b6fd17b78396d88f39c1a730457671f0<br/><b>SHA256:</b>842ccf3b892aca3fbd384c99d1516a8b7c448c55cee560ab2724488016198706<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">jakarta.inject-api-2.0.0.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header37" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content37" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.inject-api</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>inject</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>jakarta.inject</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.inject.jakarta.inject-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.inject-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.inject-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>asd[at]redhat[dot]com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>manovotn[at]redhat[dot]com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>mkouba[at]redhat[dot]com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>tremes[at]redhat[dot]com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>asabotdu</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>manovotn</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>mkouba</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>tremes</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Antoine Sabot-Durand</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Martin Kouba</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Matej Novotny</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Tomas Remes</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>Red Hat Inc.</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.inject</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Jakarta Dependency Injection</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>eclipse-ee4j/injection-api</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.inject-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>inject</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>jakarta.inject</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Jakarta Dependency Injection</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.inject.jakarta.inject-api</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.inject-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>asd[at]redhat[dot]com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>manovotn[at]redhat[dot]com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>mkouba[at]redhat[dot]com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>tremes[at]redhat[dot]com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>asabotdu</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>manovotn</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>mkouba</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>tremes</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Antoine Sabot-Durand</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Martin Kouba</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Matej Novotny</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Tomas Remes</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>Red Hat Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.inject</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Jakarta Dependency Injection</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>eclipse-ee4j/injection-api</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.0.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.0.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>2.0.0</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0.0</td><td>Highest</td></tr></table></div><h4 id="header38" class="subsectionheader white">Identifiers</h4><div id="content38" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.inject/jakarta.inject-api@2.0.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.inject/jakarta.inject-api@2.0.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l19_66901fa1c373c6aff65c13791cc11da72060a8d6"></a>jakarta.persistence-api-3.1.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Jakarta Persistence 3.1 API jar</pre></p><p><b>License:</b><pre class="indent">Eclipse Public License v. 2.0: http://www.eclipse.org/legal/epl-2.0
Eclipse Distribution License v. 1.0: http://www.eclipse.org/org/documents/edl-v10.php</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\jakarta\persistence\jakarta.persistence-api\3.1.0\jakarta.persistence-api-3.1.0.jar<br/><b>MD5:</b>&nbsp;35a1b7dfb38cf44ff795be607b0e6b5b<br/><b>SHA1:</b>&nbsp;66901fa1c373c6aff65c13791cc11da72060a8d6<br/><b>SHA256:</b>475389446d35c6f46c565728b756dc508c284644ea2690644e0d8e7e339d42fd<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">jakarta.persistence-api-3.1.0.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header39" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content39" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.persistence-api</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>persistence</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.persistence-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>jakarta.persistence</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Eclipse Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.persistence-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.persistence-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>lukasj</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Lukas Jungmann</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>Oracle, Inc.</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.persistence</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Jakarta Persistence API</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>eclipse-ee4j/jpa-api</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.persistence-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>persistence</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Jakarta Persistence API jar</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.persistence-api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>jakarta.persistence</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.persistence-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>lukasj</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Lukas Jungmann</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>Oracle, Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.persistence</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Jakarta Persistence API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>eclipse-ee4j/jpa-api</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.1.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>3.1.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.1.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>3.1.0</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.1.0</td><td>Highest</td></tr></table></div><h4 id="header40" class="subsectionheader white">Identifiers</h4><div id="content40" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.persistence/jakarta.persistence-api@3.1.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.persistence/jakarta.persistence-api@3.1.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l20_51a520e3fae406abb84e2e1148e6746ce3f80a1a"></a>jakarta.transaction-api-2.0.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Jakarta Transactions</pre></p><p><b>License:</b><pre class="indent">EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\jakarta\transaction\jakarta.transaction-api\2.0.1\jakarta.transaction-api-2.0.1.jar<br/><b>MD5:</b>&nbsp;5315974a3935e342b40849478e1c9966<br/><b>SHA1:</b>&nbsp;51a520e3fae406abb84e2e1148e6746ce3f80a1a<br/><b>SHA256:</b>50c0a7c760c13ae6c042acf182b28f0047413db95b4636fb8879bcffab5ba875<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">jakarta.transaction-api-2.0.1.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header41" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content41" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.transaction-api</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>transaction</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>jakarta.transaction</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/eclipse-ee4j</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.transaction-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>jakarta.transaction</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>EE4J Community</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.glassfish</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Oracle Corporation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.transaction-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.transaction-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>stephen_felts</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Stephen Felts</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>Oracle, Inc.</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.transaction</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td> API</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>${extension.name} API</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>EE4J Community</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>eclipse-ee4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://projects.eclipse.org/projects/ee4j.jta</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.transaction-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>transaction</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>jakarta.transaction</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/eclipse-ee4j</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>jakarta.transaction API</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.transaction-api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>jakarta.transaction</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.transaction-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>stephen_felts</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Stephen Felts</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>Oracle, Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.transaction</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td> API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>${extension.name} API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>EE4J Community</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>eclipse-ee4j</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://projects.eclipse.org/projects/ee4j.jta</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.0.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.0.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.0.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>2.0.1</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0.1</td><td>Highest</td></tr></table></div><h4 id="header42" class="subsectionheader white">Identifiers</h4><div id="content42" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.transaction/jakarta.transaction-api@2.0.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.transaction/jakarta.transaction-api@2.0.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li>cpe:2.3:a:oracle:projects:2.0.1:*:*:*:*:*:*:*&nbsp;&nbsp;(<i>Confidence</i>:Low)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="jakarta.transaction-api-2.0.1.jar" data-sha1="51a520e3fae406abb84e2e1148e6746ce3f80a1a" data-pkgurl="pkg:maven/jakarta.transaction/jakarta.transaction-api@2.0.1" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:oracle:projects">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l21_92b6631659ba35ca09e44874d3eb936edfeee532"></a>jakarta.validation-api-3.0.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        Jakarta Bean Validation API
    </pre></p><p><b>License:</b><pre class="indent">Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\jakarta\validation\jakarta.validation-api\3.0.2\jakarta.validation-api-3.0.2.jar<br/><b>MD5:</b>&nbsp;3a1ee6efca3e41e3320599790f54c5eb<br/><b>SHA1:</b>&nbsp;92b6631659ba35ca09e44874d3eb936edfeee532<br/><b>SHA256:</b>291c25e6910cc6a7ebd96d4c6baebf6d7c37676c5482c2d96146e901b62c1fc9<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">jakarta.validation-api-3.0.2.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-validation@3.0.11</p><h4 id="header43" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content43" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.validation-api</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.validation.jakarta.validation-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.validation-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.validation-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>emmanuel@hibernate.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>guillaume.smet@hibernate.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>gunnar@hibernate.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>hferents@redhat.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>emmanuelbernard</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>epbernard</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>guillaume.smet</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>gunnar.morling</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>hardy.ferentschik</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Emmanuel Bernard</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Guillaume Smet</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Gunnar Morling</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Hardy Ferentschik</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>Red Hat, Inc.</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.validation</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Jakarta Bean Validation API</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://beanvalidation.org</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.validation-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Jakarta Bean Validation API</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.validation.jakarta.validation-api</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.validation-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>emmanuel@hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>guillaume.smet@hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>gunnar@hibernate.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>hferents@redhat.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>emmanuelbernard</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>epbernard</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>guillaume.smet</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>gunnar.morling</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>hardy.ferentschik</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Emmanuel Bernard</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Guillaume Smet</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Gunnar Morling</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Hardy Ferentschik</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>Red Hat, Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.validation</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Jakarta Bean Validation API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://beanvalidation.org</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0.2</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>3.0.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>3.0.2</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.2</td><td>Highest</td></tr></table></div><h4 id="header44" class="subsectionheader white">Identifiers</h4><div id="content44" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.validation/jakarta.validation-api@3.0.2?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.validation/jakarta.validation-api@3.0.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l22_ca2330866cbc624c7e5ce982e121db1125d23e15"></a>jakarta.xml.bind-api-4.0.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Jakarta XML Binding API 4.0 Design Specification</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\jakarta\xml\bind\jakarta.xml.bind-api\4.0.1\jakarta.xml.bind-api-4.0.1.jar<br/><b>MD5:</b>&nbsp;e62084f1afb23eccde6645bf3a9eb06f<br/><b>SHA1:</b>&nbsp;ca2330866cbc624c7e5ce982e121db1125d23e15<br/><b>SHA256:</b>287f3b6d0600082e0b60265d7de32be403ee7d7269369c9718d9424305b89d95<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">jakarta.xml.bind-api-4.0.1.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-test@3.0.11</p><h4 id="header45" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content45" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.xml.bind-api</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>bind</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>xml</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.xml.bind-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>jakarta.xml.bind</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-id</td><td>2ab55f8</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Eclipse Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.xml.bind-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.xml.bind-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.xml.bind</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Jakarta XML Binding API</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jakarta.xml.bind-api-parent</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.xml.bind-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>bind</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>xml</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Jakarta XML Binding API</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.xml.bind-api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>jakarta.xml.bind</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-id</td><td>2ab55f8</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.xml.bind-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.xml.bind</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Jakarta XML Binding API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jakarta.xml.bind-api-parent</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>4.0.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>4.0.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>4.0.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.0.1</td><td>Highest</td></tr></table></div><h4 id="header46" class="subsectionheader white">Identifiers</h4><div id="content46" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.1?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l23_1e1c385990b258ff1a24c801e84aebbacf70eb39"></a>jandex-2.4.2.Final.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Parent POM for JBoss projects. Provides default project build configuration.</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\jboss\jandex\2.4.2.Final\jandex-2.4.2.Final.jar<br/><b>MD5:</b>&nbsp;489f7a97d2ed7ae34ea56d01b3566d57<br/><b>SHA1:</b>&nbsp;1e1c385990b258ff1a24c801e84aebbacf70eb39<br/><b>SHA256:</b>3f2ce55c7d71e744581488dc5105806aa8084c08e6e916a019bab8f8698994f0<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">jandex-2.4.2.Final.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header47" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content47" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jandex</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>redhat</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>indexer</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jandex</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jboss</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.jboss.jandex</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-timestamp</td><td>Čt, 6 Led 2022 17:31:47 +0100</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.jboss.jandex</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://www.jboss.org/jandex</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>JBoss by Red Hat</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.jboss</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>os-arch</td><td>amd64</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>os-name</td><td>Linux</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>JBoss by Red Hat</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jandex</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jandex</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.jboss</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Java Annotation Indexer</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jboss-parent</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jandex</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>indexer</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jandex</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jboss</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.jboss.jandex</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-timestamp</td><td>Čt, 6 Led 2022 17:31:47 +0100</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Java Annotation Indexer</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.jboss.jandex</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Java Annotation Indexer</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://www.jboss.org/jandex</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>os-arch</td><td>amd64</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>os-name</td><td>Linux</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Java Annotation Indexer</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jandex</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.jboss</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Java Annotation Indexer</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jboss-parent</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.4.2.Final</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.4.2.Final</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>2.4.2.Final</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.4.2.Final</td><td>Highest</td></tr></table></div><h4 id="header48" class="subsectionheader white">Identifiers</h4><div id="content48" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.jboss/jandex@2.4.2.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.jboss/jandex@2.4.2.Final</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l24_e9093b4a82069a1d78ee9a3233ca387bca88861f"></a>jaxb-core-4.0.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>JAXB Core module. Contains sources required by XJC, JXC and Runtime modules.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\glassfish\jaxb\jaxb-core\4.0.3\jaxb-core-4.0.3.jar<br/><b>MD5:</b>&nbsp;8c5d90e32ee3e76972b7d2acf7a49fdf<br/><b>SHA1:</b>&nbsp;e9093b4a82069a1d78ee9a3233ca387bca88861f<br/><b>SHA256:</b>d6d75c422752684fbf04dd74a21698feae0e4a406c2892b5af02d23dc97b2ac6<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">jaxb-core-4.0.3.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header49" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content49" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jaxb-core</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>glassfish</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jaxb</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.glassfish.jaxb.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>git-revision</td><td>ff66b10</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-id</td><td>4.0.3 - ff66b10</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.glassfish.jaxb</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Eclipse Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jaxb-core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jaxb-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.glassfish.jaxb</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JAXB Core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jaxb-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.sun.xml.bind.mvn</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://eclipse-ee4j.github.io/jaxb-ri/</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jaxb-core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>glassfish</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jaxb</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>JAXB Core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.glassfish.jaxb.core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>git-revision</td><td>ff66b10</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-id</td><td>4.0.3 - ff66b10</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Eclipse Implementation of JAXB</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Jakarta XML Binding</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jaxb-core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.glassfish.jaxb</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JAXB Core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jaxb-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.sun.xml.bind.mvn</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://eclipse-ee4j.github.io/jaxb-ri/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>4.0.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>build-version</td><td>4.0.3</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>4.0.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>implementation-build-id</td><td>4.0.3</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.0.3</td><td>Highest</td></tr></table></div><h4 id="header50" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content50" class="subsectioncontent standardsubsection hidden"><ul><li>jaxb-runtime-4.0.3.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\glassfish\jaxb\jaxb-runtime\4.0.3\jaxb-runtime-4.0.3.jar</li><li>MD5:&nbsp;1e3fe19cc19a1393c48b5116c0e0999f</li><li>SHA1:&nbsp;93af25be25b2c92c83e0ce61cb8b3ed23568f316</li><li>SHA256:&nbsp;795e2dbdd3e64c8ba7e532e35f83136603931a8e9a3b5ffeb05f9f483adab6e0</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.3</a></li></ul></li></ul></div><h4 id="header51" class="subsectionheader white">Identifiers</h4><div id="content51" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.glassfish.jaxb/jaxb-core@4.0.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.glassfish.jaxb/jaxb-core@4.0.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aeclipse&amp;cpe_product=cpe%3A%2F%3Aeclipse%3Aglassfish&amp;cpe_version=cpe%3A%2F%3Aeclipse%3Aglassfish%3A4.0.3" target="_blank">cpe:2.3:a:eclipse:glassfish:4.0.3:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="jaxb-core-4.0.3.jar" data-sha1="e9093b4a82069a1d78ee9a3233ca387bca88861f" data-pkgurl="pkg:maven/org.glassfish.jaxb/jaxb-core@4.0.3" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:eclipse:glassfish">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l25_c88fc1d8a96d4c3491f55d4317458ccad53ca663"></a>jboss-logging-3.5.3.Final.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The JBoss Logging Framework</pre></p><p><b>License:</b><pre class="indent">Apache License 2.0: https://repository.jboss.org/licenses/apache-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\jboss\logging\jboss-logging\3.5.3.Final\jboss-logging-3.5.3.Final.jar<br/><b>MD5:</b>&nbsp;ee7e24e94235c13f53392ecaa53f938c<br/><b>SHA1:</b>&nbsp;c88fc1d8a96d4c3491f55d4317458ccad53ca663<br/><b>SHA256:</b>7b119460de174195aca412dfed52ca0bbef0ece26c2d74301b6172cfadf4ff59<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">jboss-logging-3.5.3.Final.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header52" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content52" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jboss-logging</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>redhat</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jboss</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.jboss.logging</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.jboss.logging.jboss-logging</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>JBoss by Red Hat</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>os-arch</td><td>amd64</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>os-name</td><td>Linux</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>JBoss by Red Hat</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jboss-logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jboss-logging</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.jboss.logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JBoss Logging 3</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>logging-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.jboss.org</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jboss-logging</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jboss</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.jboss.logging</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>JBoss Logging 3</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.jboss.logging.jboss-logging</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>JBoss Logging 3</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>os-arch</td><td>amd64</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>os-name</td><td>Linux</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>JBoss Logging 3</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jboss-logging</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.jboss.logging</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JBoss Logging 3</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>logging-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.jboss.org</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>3.5.3.Final</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.5.3.Final</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>3.5.3.Final</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.5.3.Final</td><td>Highest</td></tr></table></div><h4 id="header53" class="subsectionheader white">Identifiers</h4><div id="content53" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.jboss.logging/jboss-logging@3.5.3.Final?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.jboss.logging/jboss-logging@3.5.3.Final</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l26_09ef7c70b248185845f013f49a33ff9ca65b7975"></a>jul-to-slf4j-2.0.9.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>JUL to SLF4J bridge</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.opensource.org/licenses/mit-license.php">http://www.opensource.org/licenses/mit-license.php</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\slf4j\jul-to-slf4j\2.0.9\jul-to-slf4j-2.0.9.jar<br/><b>MD5:</b>&nbsp;24f86e89ee3f71ea91f644150c507740<br/><b>SHA1:</b>&nbsp;09ef7c70b248185845f013f49a33ff9ca65b7975<br/><b>SHA256:</b>69b4e5f8d3bd3f6f54367d19f2c1ee95dd5877802f12d868282e218dd76b00bf<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">jul-to-slf4j-2.0.9.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</p><h4 id="header54" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content54" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jul-to-slf4j</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>bridge</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>20</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.slf4j.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jul.to.slf4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jul-to-slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jul-to-slf4j</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JUL to SLF4J bridge</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jul-to-slf4j</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>bridge</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>20</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.slf4j.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>JUL to SLF4J bridge</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jul.to.slf4j</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>jul-to-slf4j</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jul-to-slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JUL to SLF4J bridge</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.0.9</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.0.9</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.0.9</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0.9</td><td>Highest</td></tr></table></div><h4 id="header55" class="subsectionheader white">Identifiers</h4><div id="content55" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/jul-to-slf4j@2.0.9?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.slf4j/jul-to-slf4j@2.0.9</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l27_ea1b37f38c327596b216542bc636cfdc0b8036fa"></a>log4j-api-2.19.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The Apache Log4j API</pre></p><p><b>License:</b><pre class="indent"><a href="https://www.apache.org/licenses/LICENSE-2.0.txt">https://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\apache\logging\log4j\log4j-api\2.19.0\log4j-api-2.19.0.jar<br/><b>MD5:</b>&nbsp;a7f8fc9751cdaa237a1e18059b4887da<br/><b>SHA1:</b>&nbsp;ea1b37f38c327596b216542bc636cfdc0b8036fa<br/><b>SHA256:</b>5ccb24ad9f92e768d0bc456d3061a737951262df803e004d2cad096b75a88d60<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">log4j-api-2.19.0.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</p><h4 id="header56" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content56" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>log4j-api</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>log4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.api</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://logging.apache.org/log4j/2.x/log4j-api/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.logging.log4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>log4jreleasekey</td><td>B3D8E1BA</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>log4jsigningusername</td><td>rgoers@apache.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>log4j-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>log4j-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.logging.log4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Log4j API</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>log4j</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>log4j-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>log4j</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Log4j API</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Log4j API</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://logging.apache.org/log4j/2.x/log4j-api/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>log4jreleasekey</td><td>B3D8E1BA</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>log4jsigningusername</td><td>rgoers@apache.org</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Log4j API</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>log4j-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.apache.logging.log4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Log4j API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>log4j</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.19.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.19.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.19.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>log4jreleaseversion</td><td>2.19.0</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.19.0</td><td>Highest</td></tr></table></div><h4 id="header57" class="subsectionheader white">Identifiers</h4><div id="content57" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.logging.log4j/log4j-api@2.19.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.apache.logging.log4j/log4j-api@2.19.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Alog4j&amp;cpe_version=cpe%3A%2F%3Aapache%3Alog4j%3A2.19.0" target="_blank">cpe:2.3:a:apache:log4j:2.19.0:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="log4j-api-2.19.0.jar" data-sha1="ea1b37f38c327596b216542bc636cfdc0b8036fa" data-pkgurl="pkg:maven/org.apache.logging.log4j/log4j-api@2.19.0" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:log4j">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l28_30f4812e43172ecca5041da2cb6b965cc4777c19"></a>log4j-to-slf4j-2.19.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The Apache Log4j binding between Log4j 2 API and SLF4J.</pre></p><p><b>License:</b><pre class="indent"><a href="https://www.apache.org/licenses/LICENSE-2.0.txt">https://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\apache\logging\log4j\log4j-to-slf4j\2.19.0\log4j-to-slf4j-2.19.0.jar<br/><b>MD5:</b>&nbsp;00f577c9e3cb12537a8392b74a7524aa<br/><b>SHA1:</b>&nbsp;30f4812e43172ecca5041da2cb6b965cc4777c19<br/><b>SHA256:</b>96b877515c7af999bc7eae28f46b656430da893a7dc28f099841be306f8117bf<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">log4j-to-slf4j-2.19.0.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</p><h4 id="header58" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content58" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>log4j-to-slf4j</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.logging.slf4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.to-slf4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://logging.apache.org/log4j/2.x/log4j-to-slf4j/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.logging.log4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>log4jreleasekey</td><td>B3D8E1BA</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>log4jsigningusername</td><td>rgoers@apache.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>log4j-to-slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>log4j-to-slf4j</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.logging.log4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Log4j to SLF4J Adapter</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>log4j</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>log4j-to-slf4j</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.logging.slf4j</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Log4j to SLF4J Adapter</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.to-slf4j</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Log4j to SLF4J Adapter</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://logging.apache.org/log4j/2.x/log4j-to-slf4j/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>log4jreleasekey</td><td>B3D8E1BA</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>log4jsigningusername</td><td>rgoers@apache.org</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Log4j to SLF4J Adapter</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>log4j-to-slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.apache.logging.log4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Log4j to SLF4J Adapter</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>log4j</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.19.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.19.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.19.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>log4jreleaseversion</td><td>2.19.0</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.19.0</td><td>Highest</td></tr></table></div><h4 id="header59" class="subsectionheader white">Identifiers</h4><div id="content59" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.19.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.19.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l29_2f9f280219a9922a74200eaf7138c4c17fb87c0f"></a>logback-core-1.4.11.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>logback-core module</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html">http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\ch\qos\logback\logback-core\1.4.11\logback-core-1.4.11.jar<br/><b>MD5:</b>&nbsp;d71bee74f4ae2864c7b68fc8212b8a66<br/><b>SHA1:</b>&nbsp;2f9f280219a9922a74200eaf7138c4c17fb87c0f<br/><b>SHA256:</b>37ee7367bd24ca87ef77430119a1cb814a76b240afab5c17f802ea383f58aca1<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">logback-core-1.4.11.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</p><h4 id="header60" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content60" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>logback-core</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>ch</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>logback</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>qos</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>20</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.qos.ch</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>ch.qos.logback.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>QOS.ch</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin 5.1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>QOS.ch</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>logback-core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>logback-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>ch.qos.logback</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Logback Core Module</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>logback-parent</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>logback-core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>ch</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>logback</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>qos</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>20</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.qos.ch</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Logback Core Module</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>ch.qos.logback.core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Logback Core Module</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin 5.1.8</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Logback Core Module</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>logback-core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>ch.qos.logback</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Logback Core Module</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>logback-parent</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.4.11</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.4.11</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.4.11</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.4.11</td><td>Highest</td></tr></table></div><h4 id="header61" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content61" class="subsectioncontent standardsubsection hidden"><ul><li>logback-classic-1.4.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\ch\qos\logback\logback-classic\1.4.11\logback-classic-1.4.11.jar</li><li>MD5:&nbsp;a6a09da5f4d40cf80bedcf7a6a0d35b2</li><li>SHA1:&nbsp;54450c0c783e896a1a6d88c043bd2f1daba1c382</li><li>SHA256:&nbsp;05850fca185dfa652969ed1e3864e365c0d724737a0f4ec68574baad1d855a0e</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/ch.qos.logback/logback-classic@1.4.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/ch.qos.logback/logback-classic@1.4.11</a></li></ul></li></ul></div><h4 id="header62" class="subsectionheader white">Identifiers</h4><div id="content62" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/ch.qos.logback/logback-core@1.4.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/ch.qos.logback/logback-core@1.4.11</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aqos&amp;cpe_product=cpe%3A%2F%3Aqos%3Alogback&amp;cpe_version=cpe%3A%2F%3Aqos%3Alogback%3A1.4.11" target="_blank">cpe:2.3:a:qos:logback:1.4.11:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="logback-core-1.4.11.jar" data-sha1="2f9f280219a9922a74200eaf7138c4c17fb87c0f" data-pkgurl="pkg:maven/ch.qos.logback/logback-core@1.4.11" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:qos:logback">suppress</button></li></ul></div><h4 id="header63" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content63" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6378">CVE-2023-6378</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="logback-core-1.4.11.jar" data-sha1="2f9f280219a9922a74200eaf7138c4c17fb87c0f" data-pkgurl="pkg:maven/ch.qos.logback/logback-core@1.4.11" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-6378">suppress</button></p><p><pre>A serialization vulnerability in logback receiver component part of 
logback version 1.4.11 allows an attacker to mount a Denial-Of-Service 
attack by sending poisoned data.

</pre>CWE-502 Deserialization of Untrusted Data<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A</li></ul><br/>References:<ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vulnerability/CVE-2023-6378?component-type=maven&amp;component-name=ch.qos.logback%2Flogback-core&amp;utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0">[CVE-2023-6378] CWE-502: Deserialization of Untrusted Data</a></li><li>OSSIndex - <a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6378">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6378</a></li><li>OSSIndex - <a target="_blank" href="https://github.com/advisories/GHSA-vmq6-5m68-f53m">https://github.com/advisories/GHSA-vmq6-5m68-f53m</a></li><li>OSSIndex - <a target="_blank" href="https://logback.qos.ch/news.html#1.3.12">https://logback.qos.ch/news.html#1.3.12</a></li><li>vulnerability@ncsc.ch - <a target="_blank" href="https://logback.qos.ch/news.html#1.3.12">RELEASE_NOTES</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs2">show all</a>)<ul><li class="vs2"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aqos%3Alogback">cpe:2.3:a:qos:logback:*:*:*:*:*:*:*:* versions from (including) 1.4.0; versions up to (excluding) 1.4.12</a></li><li class="vs2">...</li><li class="vs2 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aqos%3Alogback">cpe:2.3:a:qos:logback:*:*:*:*:*:*:*:* versions from (including) 1.2.0; versions up to (excluding) 1.2.13</a></li><li class="vs2 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aqos%3Alogback">cpe:2.3:a:qos:logback:*:*:*:*:*:*:*:* versions from (including) 1.3.0; versions up to (excluding) 1.3.12</a></li><li class="vs2 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aqos%3Alogback">cpe:2.3:a:qos:logback:*:*:*:*:*:*:*:* versions from (including) 1.4.0; versions up to (excluding) 1.4.12</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l30_e67209a53266080be85e8848c01fd15af98700c7"></a>lombok-1.18.30.jar: mavenEcjBootstrapAgent.jar</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\projectlombok\lombok\1.18.30\lombok-1.18.30.jar\lombok\launch\mavenEcjBootstrapAgent.jar<br/><b>MD5:</b>&nbsp;2bc7812d729aa7f761f721c6f0620848<br/><b>SHA1:</b>&nbsp;e67209a53266080be85e8848c01fd15af98700c7<br/><b>SHA256:</b>63da6c6457ba6bfb61867cf644542464783adc57bbf36a7f0843c2822c288169<br/><b>Referenced In Project/Scope:</b> VulnApp:compile</p><h4 id="header64" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content64" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>mavenEcjBootstrapAgent</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>launch</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>lombok</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>can-redefine-classes</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>mavenEcjBootstrapAgent</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>launch</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>can-redefine-classes</td><td>true</td><td>Low</td></tr></table></div><h4 id="header65" class="subsectionheader white">Identifiers</h4><div id="content65" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l31_f195ee86e6c896ea47a1d39defbe20eb59cd149d"></a>lombok-1.18.30.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!</pre></p><p><b>License:</b><pre class="indent">The MIT License: https://projectlombok.org/LICENSE</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\projectlombok\lombok\1.18.30\lombok-1.18.30.jar<br/><b>MD5:</b>&nbsp;14e90bb14cac804c1a6e2024e78f436d<br/><b>SHA1:</b>&nbsp;f195ee86e6c896ea47a1d39defbe20eb59cd149d<br/><b>SHA256:</b>14151b47582d570b4de16a147ece3bdbd19ace4aee5bde3a5578c87db9ecb998<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">lombok-1.18.30.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/ssdlc.online/VulnApp@0.0.1-SNAPSHOT</p><h4 id="header66" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content66" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>lombok</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>java</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>lombok</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tostring</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>lombok</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>can-redefine-classes</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>lombok</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>lombok</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>reinier@projectlombok.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>roel@projectlombok.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>rspilker</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>rzwitserloot</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Reinier Zwitserloot</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Roel Spilker</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.projectlombok</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Project Lombok</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://projectlombok.org</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>lombok</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>java</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>lombok</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tostring</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>lombok</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>can-redefine-classes</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>lombok</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>reinier@projectlombok.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>roel@projectlombok.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>rspilker</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>rzwitserloot</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Reinier Zwitserloot</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Roel Spilker</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.projectlombok</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Project Lombok</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://projectlombok.org</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.18.30</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>lombok-version</td><td>1.18.30</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.18.30</td><td>Highest</td></tr></table></div><h4 id="header67" class="subsectionheader white">Identifiers</h4><div id="content67" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.projectlombok/lombok@1.18.30?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.projectlombok/lombok@1.18.30</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l32_b8c88a741054458b78f6e30b7300fe485070bf07"></a>micrometer-commons-1.10.11.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Module containing common code</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\io\micrometer\micrometer-commons\1.10.11\micrometer-commons-1.10.11.jar<br/><b>MD5:</b>&nbsp;2e26bb6b55bfcd0db4e8f7fe6fdacd28<br/><b>SHA1:</b>&nbsp;b8c88a741054458b78f6e30b7300fe485070bf07<br/><b>SHA256:</b>b9e869c444f47612509da4f7e3e6243e78d70f36cb4318c16809860eccce2000<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">micrometer-commons-1.10.11.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.0.11</p><h4 id="header68" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content68" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>micrometer-commons</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>common</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>micrometer</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>micrometer.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>branch</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-date</td><td>2023-09-11_19:05:30</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-date-utc</td><td>2023-09-11T19:05:30.760680853Z</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-host</td><td>fb218c3a1137</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-job</td><td>deploy</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-number</td><td>24105</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-timezone</td><td>Etc/UTC</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-url</td><td>https://circleci.com/gh/micrometer-metrics/micrometer/24105</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>built-os</td><td>Linux</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>built-status</td><td>integration</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>change</td><td>b7b3b47</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>full-change</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-origin</td><td>micrometer-metrics/micrometer.git</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-owner</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-source</td><td>/micrometer-commons</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>micrometer-commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>micrometer-commons</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>shakuzen</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Tommy Ludwig</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>io.micrometer</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>micrometer-commons</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>micrometer-metrics/micrometer</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>micrometer-commons</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>common</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>micrometer</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>micrometer.commons</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>branch</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-date</td><td>2023-09-11_19:05:30</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-date-utc</td><td>2023-09-11T19:05:30.760680853Z</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-host</td><td>fb218c3a1137</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-job</td><td>deploy</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-number</td><td>24105</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-timezone</td><td>Etc/UTC</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-url</td><td>https://circleci.com/gh/micrometer-metrics/micrometer/24105</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>built-os</td><td>Linux</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>built-status</td><td>integration</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>change</td><td>b7b3b47</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>full-change</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>io.micrometer#micrometer-commons;1.10.11</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>module-email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-origin</td><td>micrometer-metrics/micrometer.git</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-owner</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-source</td><td>/micrometer-commons</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>micrometer-commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>shakuzen</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Tommy Ludwig</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>io.micrometer</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>micrometer-commons</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>micrometer-metrics/micrometer</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.10.11</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.10.11</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.10.11</td><td>Highest</td></tr></table></div><h4 id="header69" class="subsectionheader white">Identifiers</h4><div id="content69" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/io.micrometer/micrometer-commons@1.10.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/io.micrometer/micrometer-commons@1.10.11</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l33_adbe9b99be2e5cb4f835dd2134c5f66c69f23b3a"></a>micrometer-core-1.10.11.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Core module of Micrometer containing instrumentation API and implementation</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\io\micrometer\micrometer-core\1.10.11\micrometer-core-1.10.11.jar<br/><b>MD5:</b>&nbsp;5e8ae420417f99daa86504f1bda26705<br/><b>SHA1:</b>&nbsp;adbe9b99be2e5cb4f835dd2134c5f66c69f23b3a<br/><b>SHA256:</b>f460d8a945a1ce923ad9033753631b286b74bca017b7fb9219a58ab33be63b03<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">micrometer-core-1.10.11.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.0.11</p><h4 id="header70" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content70" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>micrometer-core</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>micrometer</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>micrometer.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>branch</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-date</td><td>2023-09-11_19:05:31</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-date-utc</td><td>2023-09-11T19:05:31.047070527Z</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-host</td><td>fb218c3a1137</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-job</td><td>deploy</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-number</td><td>24105</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-timezone</td><td>Etc/UTC</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-url</td><td>https://circleci.com/gh/micrometer-metrics/micrometer/24105</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>built-os</td><td>Linux</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>built-status</td><td>integration</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>change</td><td>b7b3b47</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>full-change</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-origin</td><td>micrometer-metrics/micrometer.git</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-owner</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-source</td><td>/micrometer-core</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>micrometer-core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>micrometer-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>shakuzen</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Tommy Ludwig</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>io.micrometer</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>micrometer-core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>micrometer-metrics/micrometer</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>micrometer-core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>11</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>micrometer</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>micrometer.core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>branch</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-date</td><td>2023-09-11_19:05:31</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-date-utc</td><td>2023-09-11T19:05:31.047070527Z</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-host</td><td>fb218c3a1137</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-job</td><td>deploy</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-number</td><td>24105</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-timezone</td><td>Etc/UTC</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-url</td><td>https://circleci.com/gh/micrometer-metrics/micrometer/24105</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>built-os</td><td>Linux</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>built-status</td><td>integration</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>change</td><td>b7b3b47</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>full-change</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>io.micrometer#micrometer-core;1.10.11</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>module-email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-origin</td><td>micrometer-metrics/micrometer.git</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-owner</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-source</td><td>/micrometer-core</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>micrometer-core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>shakuzen</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Tommy Ludwig</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>io.micrometer</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>micrometer-core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>micrometer-metrics/micrometer</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.10.11</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.10.11</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.10.11</td><td>Highest</td></tr></table></div><h4 id="header71" class="subsectionheader white">Identifiers</h4><div id="content71" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/io.micrometer/micrometer-core@1.10.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/io.micrometer/micrometer-core@1.10.11</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l34_884b41886e44f2f109ea628330aeeaf0a21549e7"></a>micrometer-observation-1.10.11.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Module containing Observation related code</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\io\micrometer\micrometer-observation\1.10.11\micrometer-observation-1.10.11.jar<br/><b>MD5:</b>&nbsp;fd4861cd8bd75df0e2687fd23a07d884<br/><b>SHA1:</b>&nbsp;884b41886e44f2f109ea628330aeeaf0a21549e7<br/><b>SHA256:</b>306ddc8ab09aae42cc75a5cf567242f8c3ecf275064f768d482fdd62ce678cfa<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">micrometer-observation-1.10.11.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.0.11</p><h4 id="header72" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content72" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>micrometer-observation</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>micrometer</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>observation</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>micrometer.observation</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>branch</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-date</td><td>2023-09-11_19:05:31</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-date-utc</td><td>2023-09-11T19:05:31.217579513Z</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-host</td><td>fb218c3a1137</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-job</td><td>deploy</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-number</td><td>24105</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-timezone</td><td>Etc/UTC</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-url</td><td>https://circleci.com/gh/micrometer-metrics/micrometer/24105</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>built-os</td><td>Linux</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>built-status</td><td>integration</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>change</td><td>b7b3b47</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>full-change</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-origin</td><td>micrometer-metrics/micrometer.git</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-owner</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-source</td><td>/micrometer-observation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>micrometer-observation</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>micrometer-observation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>shakuzen</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Tommy Ludwig</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>io.micrometer</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>micrometer-observation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>micrometer-metrics/micrometer</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>micrometer-observation</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>micrometer</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>observation</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>micrometer.observation</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>branch</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-date</td><td>2023-09-11_19:05:31</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-date-utc</td><td>2023-09-11T19:05:31.217579513Z</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-host</td><td>fb218c3a1137</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-job</td><td>deploy</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-number</td><td>24105</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-timezone</td><td>Etc/UTC</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>build-url</td><td>https://circleci.com/gh/micrometer-metrics/micrometer/24105</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>built-os</td><td>Linux</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>built-status</td><td>integration</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>change</td><td>b7b3b47</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>full-change</td><td>b7b3b4703c53e9e768b8321f99563f4f4601cc9f</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>io.micrometer#micrometer-observation;1.10.11</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>module-email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-origin</td><td>micrometer-metrics/micrometer.git</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-owner</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-source</td><td>/micrometer-observation</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>micrometer-observation</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>tludwig@vmware.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>shakuzen</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Tommy Ludwig</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>io.micrometer</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>micrometer-observation</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>micrometer-metrics/micrometer</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.10.11</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.10.11</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.10.11</td><td>Highest</td></tr></table></div><h4 id="header73" class="subsectionheader white">Identifiers</h4><div id="content73" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/io.micrometer/micrometer-observation@1.10.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/io.micrometer/micrometer-observation@1.10.11</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l35_56d34aea30915904b1c883f1cfae731dd2df6029"></a>mysql-connector-j-8.2.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>JDBC Type 4 driver for MySQL.</pre></p><p><b>License:</b><pre class="indent">The GNU General Public License, v2 with Universal FOSS Exception, v1.0</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\com\mysql\mysql-connector-j\8.2.0\mysql-connector-j-8.2.0.jar<br/><b>MD5:</b>&nbsp;a331817ab5c572777e25539a70b51bb6<br/><b>SHA1:</b>&nbsp;56d34aea30915904b1c883f1cfae731dd2df6029<br/><b>SHA256:</b>06f14fbd664d0e382347489e66495ca27ab7e6c2e1d9969a496931736197465f<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">mysql-connector-j-8.2.0.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/ssdlc.online/VulnApp@0.0.1-SNAPSHOT</p><h4 id="header74" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content74" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>mysql-connector-j</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>oracle</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer (hint)</td><td>vendor</td><td>sun</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>cj</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>driver</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jdbc</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>mysql</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>type</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.mysql.cj</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Oracle</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.mysql</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Oracle Corporation</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest (hint)</td><td>Implementation-Vendor</td><td>sun</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>mysql-connector-j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>mysql-connector-j</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>filipe.silva@oracle.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Filipe Silva</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>Oracle Corporation</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org URL</td><td>https://www.oracle.com/</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.mysql</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>MySQL Connector/J</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Oracle Corporation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://www.oracle.com/</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://dev.mysql.com/doc/connector-j/en/</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>mysql-connector-j</td><td>High</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>mysql_connector/j</td><td>Highest</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>mysql_connector_j</td><td>Highest</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>mysql_connectors</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>cj</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>driver</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jdbc</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>mysql</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>type</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>xdevapi</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Oracle Corporation's JDBC and XDevAPI Driver for MySQL</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.mysql.cj</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>MySQL Connector/J</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>JDBC</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>mysql-connector-j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>filipe.silva@oracle.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Filipe Silva</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>Oracle Corporation</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org URL</td><td>https://www.oracle.com/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>com.mysql</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>MySQL Connector/J</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Oracle Corporation</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://www.oracle.com/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://dev.mysql.com/doc/connector-j/en/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>8.2.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>8.2.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>8.2.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>8.2.0</td><td>Highest</td></tr></table></div><h4 id="header75" class="subsectionheader white">Identifiers</h4><div id="content75" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.mysql/mysql-connector-j@8.2.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/com.mysql/mysql-connector-j@8.2.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Amysql&amp;cpe_product=cpe%3A%2F%3Amysql%3Amysql&amp;cpe_version=cpe%3A%2F%3Amysql%3Amysql%3A8.2.0" target="_blank">cpe:2.3:a:mysql:mysql:8.2.0:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="mysql-connector-j-8.2.0.jar" data-sha1="56d34aea30915904b1c883f1cfae731dd2df6029" data-pkgurl="pkg:maven/com.mysql/mysql-connector-j@8.2.0" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:mysql:mysql">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aoracle&amp;cpe_product=cpe%3A%2F%3Aoracle%3Amysql_connector%2Fj&amp;cpe_version=cpe%3A%2F%3Aoracle%3Amysql_connector%2Fj%3A8.2.0" target="_blank">cpe:2.3:a:oracle:mysql_connector\/j:8.2.0:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="mysql-connector-j-8.2.0.jar" data-sha1="56d34aea30915904b1c883f1cfae731dd2df6029" data-pkgurl="pkg:maven/com.mysql/mysql-connector-j@8.2.0" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:oracle:mysql_connector%2fj">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l36_7cf2726fdcfbc8610f9a71fb3ed639871f315340"></a>slf4j-api-2.0.9.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The slf4j API</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.opensource.org/licenses/mit-license.php">http://www.opensource.org/licenses/mit-license.php</a></pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\slf4j\slf4j-api\2.0.9\slf4j-api-2.0.9.jar<br/><b>MD5:</b>&nbsp;45630e54b0f0ac2b3c80462515ad8fda<br/><b>SHA1:</b>&nbsp;7cf2726fdcfbc8610f9a71fb3ed639871f315340<br/><b>SHA256:</b>0818930dc8d7debb403204611691da58e49d42c50b6ffcfdce02dadb7c3c2b6c<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">slf4j-api-2.0.9.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header76" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content76" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>slf4j-api</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>20</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.slf4j.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>slf4j.api</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>slf4j-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>slf4j-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>SLF4J API Module</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>slf4j-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>20</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.slf4j.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>SLF4J API Module</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>slf4j.api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>slf4j-api</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>slf4j-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>SLF4J API Module</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.0.9</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.0.9</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.0.9</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0.9</td><td>Highest</td></tr></table></div><h4 id="header77" class="subsectionheader white">Identifiers</h4><div id="content77" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/slf4j-api@2.0.9?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.slf4j/slf4j-api@2.0.9</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l37_3aab2116756442bf0d4cd1c089b24d34c3baa253"></a>snakeyaml-2.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>YAML 1.1 parser and emitter for Java</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\yaml\snakeyaml\2.0\snakeyaml-2.0.jar<br/><b>MD5:</b>&nbsp;caf24b81b9d57e6d4f68b1ccd36e00a3<br/><b>SHA1:</b>&nbsp;3aab2116756442bf0d4cd1c089b24d34c3baa253<br/><b>SHA256:</b>880c9d896e4b74a06c549c15ca496450165d6909fa15d7e662bee8f6a66d7afa<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">snakeyaml-2.0.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/ssdlc.online/VulnApp@0.0.1-SNAPSHOT</p><h4 id="header78" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content78" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>snakeyaml</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>emitter</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>parser</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>snakeyaml</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>yaml</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.yaml.snakeyaml</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>snakeyaml</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>snakeyaml</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>alexander.maslov@gmail.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>public.somov@gmail.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>asomov</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>maslovalex</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Alexander Maslov</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Andrey Somov</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.yaml</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>SnakeYAML</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://bitbucket.org/snakeyaml/snakeyaml</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>snakeyaml</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>emitter</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>parser</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>snakeyaml</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>yaml</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>11</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>SnakeYAML</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.yaml.snakeyaml</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>snakeyaml</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>alexander.maslov@gmail.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>public.somov@gmail.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>asomov</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>maslovalex</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Alexander Maslov</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Andrey Somov</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.yaml</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>SnakeYAML</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://bitbucket.org/snakeyaml/snakeyaml</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0</td><td>Highest</td></tr></table></div><h4 id="header79" class="subsectionheader white">Identifiers</h4><div id="content79" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.yaml/snakeyaml@2.0?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.yaml/snakeyaml@2.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Asnakeyaml_project&amp;cpe_product=cpe%3A%2F%3Asnakeyaml_project%3Asnakeyaml&amp;cpe_version=cpe%3A%2F%3Asnakeyaml_project%3Asnakeyaml%3A2.0" target="_blank">cpe:2.3:a:snakeyaml_project:snakeyaml:2.0:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="snakeyaml-2.0.jar" data-sha1="3aab2116756442bf0d4cd1c089b24d34c3baa253" data-pkgurl="pkg:maven/org.yaml/snakeyaml@2.0" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:snakeyaml_project:snakeyaml">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l38_f629f726752bd9b54a60e14b78819469b300d582"></a>spring-boot-3.0.11.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>Spring Boot</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot\3.0.11\spring-boot-3.0.11.jar<br/><b>MD5:</b>&nbsp;60aa803a53b16c303a12618bc46ac3d3<br/><b>SHA1:</b>&nbsp;f629f726752bd9b54a60e14b78819469b300d582<br/><b>SHA256:</b>87857ac2c298b3b42e2aeab52e9527e79c754e88d5e21fac01334baac99b74d4<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">spring-boot-3.0.11.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</p><h4 id="header80" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content80" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-boot</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>boot</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>spring.boot</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-boot</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-boot</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>ask@spring.io</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Spring</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>VMware, Inc.</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org URL</td><td>https://www.spring.io</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework.boot</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>spring-boot</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>VMware, Inc.</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://spring.io</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://spring.io/projects/spring-boot</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-boot</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>boot</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>spring.boot</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Spring Boot</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-boot</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>ask@spring.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Spring</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>VMware, Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org URL</td><td>https://www.spring.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.springframework.boot</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>spring-boot</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>VMware, Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://spring.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://spring.io/projects/spring-boot</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0.11</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0.11</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.11</td><td>Highest</td></tr></table></div><h4 id="header81" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content81" class="subsectioncontent standardsubsection hidden"><ul><li>spring-boot-actuator-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-actuator\3.0.11\spring-boot-actuator-3.0.11.jar</li><li>MD5:&nbsp;1cfa4637fbcab490ae72534c661f351e</li><li>SHA1:&nbsp;db67cda6fafb638ebc90d236b42adc1f18c10193</li><li>SHA256:&nbsp;79ca09952be96420226c4127a29bb7eef264c2101a91893dd306e623c28ec62b</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-actuator@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-actuator@3.0.11</a></li></ul></li><li>spring-boot-actuator-autoconfigure-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-actuator-autoconfigure\3.0.11\spring-boot-actuator-autoconfigure-3.0.11.jar</li><li>MD5:&nbsp;2646fd7749ee4d1fd8ca828e1def103c</li><li>SHA1:&nbsp;d84d51fe742dc9efa39a60a526048c1d963bfe2f</li><li>SHA256:&nbsp;c34c765b0052b5d33c1499e68123430a775433b84f2d9508bf12f426b4b04b19</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@3.0.11</a></li></ul></li><li>spring-boot-autoconfigure-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-autoconfigure\3.0.11\spring-boot-autoconfigure-3.0.11.jar</li><li>MD5:&nbsp;6057c71f790a66bfe4d040596b03fdeb</li><li>SHA1:&nbsp;f461d6300f6524efd4de3582fa81a47fcb999286</li><li>SHA256:&nbsp;9b1dbac620d2974b3190729672b576ea149a1dc0c0a1be1c29ba858fd9b15311</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-autoconfigure@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-autoconfigure@3.0.11</a></li></ul></li><li>spring-boot-starter-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter\3.0.11\spring-boot-starter-3.0.11.jar</li><li>MD5:&nbsp;0c1cda2b0be9d216a8962178861b387b</li><li>SHA1:&nbsp;f5b9ae69d3ac3b26eab72e755f5ff6cc259f4c59</li><li>SHA256:&nbsp;2d58c58d920c0ec8a9bad8e3527beeef9d56857b91ba5fc9eb944cb00cc569a6</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter@3.0.11</a></li></ul></li><li>spring-boot-starter-actuator-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-actuator\3.0.11\spring-boot-starter-actuator-3.0.11.jar</li><li>MD5:&nbsp;7e999275949a3f5b89ccc453bc8f1d31</li><li>SHA1:&nbsp;0442fa26c86e7f7e5e06c4f5c1a847d8f3ffc51e</li><li>SHA256:&nbsp;71807cf0f7df3d56d643754497d49d3f672b88ab656ec111be8a6a99b931ec59</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.0.11</a></li></ul></li><li>spring-boot-starter-aop-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-aop\3.0.11\spring-boot-starter-aop-3.0.11.jar</li><li>MD5:&nbsp;4456eb2e2336dc91008dee41c660de8c</li><li>SHA1:&nbsp;3e8deaac0559e20396df10ffc2d6af576f31d3f1</li><li>SHA256:&nbsp;bdbf96f3f63c2a866b1d30cb1c814ac98c94415711eec1041e3cc6c5042b6ef7</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-aop@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-aop@3.0.11</a></li></ul></li><li>spring-boot-starter-data-jpa-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-data-jpa\3.0.11\spring-boot-starter-data-jpa-3.0.11.jar</li><li>MD5:&nbsp;78342c1696dcc1f222451f8d9c3e8ecd</li><li>SHA1:&nbsp;a8b19c1a956ebf8f0381f1db22c5b5106f8dfaa1</li><li>SHA256:&nbsp;38c96bfa44a1ecc77549596e69c1f6261344feec4da81c7bb795918e2d8ef5fe</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</a></li></ul></li><li>spring-boot-starter-jdbc-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-jdbc\3.0.11\spring-boot-starter-jdbc-3.0.11.jar</li><li>MD5:&nbsp;4d724eef97f51cb3f67f0facdaac34e7</li><li>SHA1:&nbsp;052b84c73477a8b615ba12def59aebe69747f031</li><li>SHA256:&nbsp;489af4da42aaeaf2e86897b09b9467cb90d35c54db24905c89d16693a6732a81</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@3.0.11</a></li></ul></li><li>spring-boot-starter-json-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-json\3.0.11\spring-boot-starter-json-3.0.11.jar</li><li>MD5:&nbsp;3878329c06d4347b7c076eeb8afaf3ce</li><li>SHA1:&nbsp;c6c2e1dffa5d2fce3273c36d7c7a68ed84a64163</li><li>SHA256:&nbsp;ac5a70871a53e43baefcf850647039482b9bd2fd21d3cbe3e53a31b0329574da</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-json@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-json@3.0.11</a></li></ul></li><li>spring-boot-starter-logging-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-logging\3.0.11\spring-boot-starter-logging-3.0.11.jar</li><li>MD5:&nbsp;35821db253cc3d7c1d9d9b5483d3fbf4</li><li>SHA1:&nbsp;0487fd9fb909eef16cdc568050a0e455e536c87a</li><li>SHA256:&nbsp;0ee83dadb4cd6cae1d6964ee80d25512d6b70ef707e56c1b9e2c730f3bede54e</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-logging@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-logging@3.0.11</a></li></ul></li><li>spring-boot-starter-tomcat-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-tomcat\3.0.11\spring-boot-starter-tomcat-3.0.11.jar</li><li>MD5:&nbsp;4af0c5601bd4388f95399556e49cffdc</li><li>SHA1:&nbsp;fa3cd35af85b6d3e0f6ac92bb76f24e7217d8d96</li><li>SHA256:&nbsp;dff19862de590e8306f68daaa1a6dabbc8e32134fe8f19ef58d832aa7555231f</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-tomcat@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-tomcat@3.0.11</a></li></ul></li><li>spring-boot-starter-validation-3.0.11.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-validation\3.0.11\spring-boot-starter-validation-3.0.11.jar</li><li>MD5:&nbsp;952840f4e76db5800a398f053bf454e4</li><li>SHA1:&nbsp;612b1fd506feffd580c1c7127fe140c57cec0631</li><li>SHA256:&nbsp;01703570ebd4da95c43a161599fbfa010785fd3dd0fb4630d9d11851c6cc0569</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-validation@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-validation@3.0.11</a></li></ul></li></ul></div><h4 id="header82" class="subsectionheader white">Identifiers</h4><div id="content82" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot@3.0.11</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_boot&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_boot%3A3.0.11" target="_blank">cpe:2.3:a:vmware:spring_boot:3.0.11:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-boot-3.0.11.jar" data-sha1="f629f726752bd9b54a60e14b78819469b300d582" data-pkgurl="pkg:maven/org.springframework.boot/spring-boot@3.0.11" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:vmware:spring_boot">suppress</button></li></ul></div><h4 id="header83" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content83" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34055">CVE-2023-34055</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="spring-boot-3.0.11.jar" data-sha1="f629f726752bd9b54a60e14b78819469b300d582" data-pkgurl="pkg:maven/org.springframework.boot/spring-boot@3.0.11" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-34055">suppress</button></p><p><pre>In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.

Specifically, an application is vulnerable when all of the following are true:

  *  the application uses Spring MVC or Spring WebFlux
  *  org.springframework.boot:spring-boot-actuator��is on the classpath



</pre>NVD-CWE-noinfo<br/><br/>CVSSv3:<ul><li>Base Score: MEDIUM (6.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A</li></ul><br/>References:<ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vulnerability/CVE-2023-34055?component-type=maven&amp;component-name=org.springframework.boot%2Fspring-boot-actuator&amp;utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0">[CVE-2023-34055] CWE-noinfo</a></li><li>OSSIndex - <a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34055">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34055</a></li><li>OSSIndex - <a target="_blank" href="https://spring.io/security/cve-2023-34055">https://spring.io/security/cve-2023-34055</a></li><li>security@vmware.com - <a target="_blank" href="https://spring.io/security/cve-2023-34055">VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs3">show all</a>)<ul><li class="vs3"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.0.12</a></li><li class="vs3">...</li><li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.7.17</a></li><li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.0.12</a></li><li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 3.1.0; versions up to (including) 3.1.5</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection"><a name="l39_375fba06ef262bc61f33932c664bb807d5975f9b"></a>spring-boot-starter-thymeleaf-3.0.11.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>Starter for building MVC web applications using Thymeleaf views</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-thymeleaf\3.0.11\spring-boot-starter-thymeleaf-3.0.11.jar<br/><b>MD5:</b>&nbsp;99db5690e413966a1f0cf4c93c60f218<br/><b>SHA1:</b>&nbsp;375fba06ef262bc61f33932c664bb807d5975f9b<br/><b>SHA256:</b>189d47944a08d17d74ba07af963df76f6d4a91831855f3f2a6b32e17fc932e5e<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">spring-boot-starter-thymeleaf-3.0.11.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/ssdlc.online/VulnApp@0.0.1-SNAPSHOT</p><h4 id="header84" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content84" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-boot-starter-thymeleaf</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>spring.boot.starter.thymeleaf</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>spring-boot-jar-type</td><td>dependencies-starter</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-boot-starter-thymeleaf</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-boot-starter-thymeleaf</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>ask@spring.io</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Spring</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>VMware, Inc.</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org URL</td><td>https://www.spring.io</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework.boot</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>spring-boot-starter-thymeleaf</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>VMware, Inc.</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://spring.io</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://spring.io/projects/spring-boot</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-boot-starter-thymeleaf</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>spring.boot.starter.thymeleaf</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Starter for building MVC web applications using Thymeleaf views</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>spring-boot-jar-type</td><td>dependencies-starter</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-boot-starter-thymeleaf</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>ask@spring.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Spring</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>VMware, Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org URL</td><td>https://www.spring.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.springframework.boot</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>spring-boot-starter-thymeleaf</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>VMware, Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://spring.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://spring.io/projects/spring-boot</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0.11</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0.11</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.11</td><td>Highest</td></tr></table></div><h4 id="header85" class="subsectionheader white">Identifiers</h4><div id="content85" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Athymeleaf&amp;cpe_product=cpe%3A%2F%3Athymeleaf%3Athymeleaf&amp;cpe_version=cpe%3A%2F%3Athymeleaf%3Athymeleaf%3A3.0.11" target="_blank">cpe:2.3:a:thymeleaf:thymeleaf:3.0.11:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-boot-starter-thymeleaf-3.0.11.jar" data-sha1="375fba06ef262bc61f33932c664bb807d5975f9b" data-pkgurl="pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:thymeleaf:thymeleaf">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_boot&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_boot%3A3.0.11" target="_blank">cpe:2.3:a:vmware:spring_boot:3.0.11:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-boot-starter-thymeleaf-3.0.11.jar" data-sha1="375fba06ef262bc61f33932c664bb807d5975f9b" data-pkgurl="pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:vmware:spring_boot">suppress</button></li></ul></div><h4 id="header86" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content86" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38286">CVE-2023-38286</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="spring-boot-starter-thymeleaf-3.0.11.jar" data-sha1="375fba06ef262bc61f33932c664bb807d5975f9b" data-pkgurl="pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-38286">suppress</button></p><p><pre>Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier is enabled and there is write access to environment variables via the UI.</pre>CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:1.6/RC:R/MAV:A</li></ul><br/>References:<ul><li>cve@mitre.org - <a target="_blank" href="https://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTI">EXPLOIT</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs4">show all</a>)<ul><li class="vs4"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Athymeleaf%3Athymeleaf">cpe:2.3:a:thymeleaf:thymeleaf:*:*:*:*:*:*:*:* versions up to (including) 3.1.1</a></li><li class="vs4">...</li><li class="vs4 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acodecentric%3Aspring_boot_admin">cpe:2.3:a:codecentric:spring_boot_admin:*:*:*:*:*:*:*:* versions up to (including) 3.1.0</a></li><li class="vs4 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Athymeleaf%3Athymeleaf">cpe:2.3:a:thymeleaf:thymeleaf:*:*:*:*:*:*:*:* versions up to (including) 3.1.1</a></li></ul></p><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34055">CVE-2023-34055</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="spring-boot-starter-thymeleaf-3.0.11.jar" data-sha1="375fba06ef262bc61f33932c664bb807d5975f9b" data-pkgurl="pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-34055">suppress</button></p><p><pre>In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.

Specifically, an application is vulnerable when all of the following are true:

  *  the application uses Spring MVC or Spring WebFlux
  *  org.springframework.boot:spring-boot-actuator��is on the classpath



</pre>NVD-CWE-noinfo<br/><br/>CVSSv3:<ul><li>Base Score: MEDIUM (6.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A</li></ul><br/>References:<ul><li>security@vmware.com - <a target="_blank" href="https://spring.io/security/cve-2023-34055">VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs5">show all</a>)<ul><li class="vs5"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.0.12</a></li><li class="vs5">...</li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.7.17</a></li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.0.12</a></li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 3.1.0; versions up to (including) 3.1.5</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection"><a name="l40_2dd2814553b4d0afca6303aee364efdfb35ed4ad"></a>spring-boot-starter-web-3.0.11.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>Starter for building web, including RESTful, applications using Spring MVC. Uses Tomcat as the default embedded container</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\springframework\boot\spring-boot-starter-web\3.0.11\spring-boot-starter-web-3.0.11.jar<br/><b>MD5:</b>&nbsp;d7289f325d7abdf9182d9fbb1b314fa7<br/><b>SHA1:</b>&nbsp;2dd2814553b4d0afca6303aee364efdfb35ed4ad<br/><b>SHA256:</b>844233021d010e162ec7e41b919490ed436b88e13b387bfd3ee3ed51f3bc6acb<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">spring-boot-starter-web-3.0.11.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/ssdlc.online/VulnApp@0.0.1-SNAPSHOT</p><h4 id="header87" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content87" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-boot-starter-web</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>spring.boot.starter.web</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>spring-boot-jar-type</td><td>dependencies-starter</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-boot-starter-web</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-boot-starter-web</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>ask@spring.io</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Spring</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org</td><td>VMware, Inc.</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer org URL</td><td>https://www.spring.io</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework.boot</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>spring-boot-starter-web</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>VMware, Inc.</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://spring.io</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://spring.io/projects/spring-boot</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-boot-starter-web</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>spring.boot.starter.web</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Starter for building web, including RESTful, applications using Spring MVC. Uses Tomcat as the default embedded container</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>spring-boot-jar-type</td><td>dependencies-starter</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-boot-starter-web</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>ask@spring.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Spring</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org</td><td>VMware, Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer org URL</td><td>https://www.spring.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.springframework.boot</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>spring-boot-starter-web</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>VMware, Inc.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://spring.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://spring.io/projects/spring-boot</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0.11</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0.11</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.11</td><td>Highest</td></tr></table></div><h4 id="header88" class="subsectionheader white">Identifiers</h4><div id="content88" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_boot&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_boot%3A3.0.11" target="_blank">cpe:2.3:a:vmware:spring_boot:3.0.11:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-boot-starter-web-3.0.11.jar" data-sha1="2dd2814553b4d0afca6303aee364efdfb35ed4ad" data-pkgurl="pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:vmware:spring_boot">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aweb_project&amp;cpe_product=cpe%3A%2F%3Aweb_project%3Aweb&amp;cpe_version=cpe%3A%2F%3Aweb_project%3Aweb%3A3.0.11" target="_blank">cpe:2.3:a:web_project:web:3.0.11:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-boot-starter-web-3.0.11.jar" data-sha1="2dd2814553b4d0afca6303aee364efdfb35ed4ad" data-pkgurl="pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:web_project:web">suppress</button></li></ul></div><h4 id="header89" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content89" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34055">CVE-2023-34055</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="spring-boot-starter-web-3.0.11.jar" data-sha1="2dd2814553b4d0afca6303aee364efdfb35ed4ad" data-pkgurl="pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-34055">suppress</button></p><p><pre>In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.

Specifically, an application is vulnerable when all of the following are true:

  *  the application uses Spring MVC or Spring WebFlux
  *  org.springframework.boot:spring-boot-actuator��is on the classpath



</pre>NVD-CWE-noinfo<br/><br/>CVSSv3:<ul><li>Base Score: MEDIUM (6.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A</li></ul><br/>References:<ul><li>security@vmware.com - <a target="_blank" href="https://spring.io/security/cve-2023-34055">VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs6">show all</a>)<ul><li class="vs6"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.0.12</a></li><li class="vs6">...</li><li class="vs6 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.7.17</a></li><li class="vs6 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.0.12</a></li><li class="vs6 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_boot">cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* versions from (including) 3.1.0; versions up to (including) 3.1.5</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection"><a name="l41_a55e70359371b03ee29dacd75c3b40d0baf3a656"></a>spring-core-6.0.12.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>Spring Core</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-core\6.0.12\spring-core-6.0.12.jar<br/><b>MD5:</b>&nbsp;691f69c3cc23600877bb60b7a97b6c0c<br/><b>SHA1:</b>&nbsp;a55e70359371b03ee29dacd75c3b40d0baf3a656<br/><b>SHA256:</b>3150e6119fa944ff94e44745fa463372eb4cb44ef3ce37243452bf0049dec2bf<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">spring-core-6.0.12.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-test@3.0.11</p><h4 id="header90" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content90" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-core</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>spring.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>jhoeller@pivotal.io</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>jhoeller</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Juergen Hoeller</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Spring Core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://spring.io/projects/spring-framework</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-core</td><td>High</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>spring.core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>spring-core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>jhoeller@pivotal.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>jhoeller</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Juergen Hoeller</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.springframework</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Spring Core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://spring.io/projects/spring-framework</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>6.0.12</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>6.0.12</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.0.12</td><td>Highest</td></tr></table></div><h4 id="header91" class="subsectionheader white">Identifiers</h4><div id="content91" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-core@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-core@6.0.12</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-core-6.0.12.jar" data-sha1="a55e70359371b03ee29dacd75c3b40d0baf3a656" data-pkgurl="pkg:maven/org.springframework/spring-core@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:pivotal_software:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-core-6.0.12.jar" data-sha1="a55e70359371b03ee29dacd75c3b40d0baf3a656" data-pkgurl="pkg:maven/org.springframework/spring-core@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:springsource:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-core-6.0.12.jar" data-sha1="a55e70359371b03ee29dacd75c3b40d0baf3a656" data-pkgurl="pkg:maven/org.springframework/spring-core@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:vmware:spring_framework">suppress</button></li></ul></div><h4 id="header92" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content92" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053">CVE-2023-34053</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="spring-core-6.0.12.jar" data-sha1="a55e70359371b03ee29dacd75c3b40d0baf3a656" data-pkgurl="pkg:maven/org.springframework/spring-core@6.0.12" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-34053">suppress</button></p><p><pre>In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.

Specifically, an application is vulnerable when all of the following are true:

  *  the application uses Spring MVC or Spring WebFlux
  *  io.micrometer:micrometer-core��is on the classpath
  *  an ObservationRegistry is configured in the application to record observations


Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator��dependency to meet all conditions.


</pre>NVD-CWE-noinfo<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A</li></ul><br/>References:<ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vulnerability/CVE-2023-34053?component-type=maven&amp;component-name=org.springframework%2Fspring-web&amp;utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0">[CVE-2023-34053] CWE-noinfo</a></li><li>OSSIndex - <a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053</a></li><li>OSSIndex - <a target="_blank" href="https://spring.io/security/cve-2023-34053">https://spring.io/security/cve-2023-34053</a></li><li>security@vmware.com - <a target="_blank" href="https://spring.io/security/cve-2023-34053">VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs7"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_framework">cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* versions from (including) 6.0.0; versions up to (excluding) 6.0.14</a></li></ul></p><p><span class="underline"><b>CVE-2024-22233</b>&nbsp;(OSSINDEX)</span>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this vulnerability for this file" data-display-name="spring-core-6.0.12.jar" data-sha1="a55e70359371b03ee29dacd75c3b40d0baf3a656" data-pkgurl="pkg:maven/org.springframework/spring-core@6.0.12" data-type-to-suppress="vulnerabilityName" data-id-to-suppress="CVE-2024-22233">suppress</button></p><p><pre>In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.

Specifically, an application is vulnerable when all of the following are true:

  *  the application uses Spring MVC
  *  Spring Security 6.1.6+ or 6.2.1+ is on the classpath


Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web&nbsp;and org.springframework.boot:spring-boot-starter-security&nbsp;dependencies to meet all conditions.




Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2024-22233 for details</pre>CWE-noinfo<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</li></ul><br/>References:<ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vulnerability/CVE-2024-22233?component-type=maven&amp;component-name=org.springframework%2Fspring-core&amp;utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0">[CVE-2024-22233] CWE-noinfo</a></li><li>OSSIndex - <a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22233">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22233</a></li><li>OSSIndex - <a target="_blank" href="https://github.com/spring-projects/spring-framework/issues/31848">https://github.com/spring-projects/spring-framework/issues/31848</a></li><li>OSSIndex - <a target="_blank" href="https://spring.io/security/cve-2024-22233/">https://spring.io/security/cve-2024-22233/</a></li></ul></p><p>Vulnerable Software &amp; Versions (OSSINDEX):<ul><li class="vs8">cpe:2.3:a:org.springframework:spring-core:6.0.12:*:*:*:*:*:*:*</li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l42_050a12ab567c19c34ce02f0d2180f81bc7872789"></a>spring-data-commons-3.0.10.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Core Spring concepts underpinning every Spring Data module.</pre></p><p><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\springframework\data\spring-data-commons\3.0.10\spring-data-commons-3.0.10.jar<br/><b>MD5:</b>&nbsp;bacd8f82201ffbc6686b9f50a700dff8<br/><b>SHA1:</b>&nbsp;050a12ab567c19c34ce02f0d2180f81bc7872789<br/><b>SHA256:</b>ba542a6bb04c7a5bc072e09ec5ab42f293bb5b70a0c753e4073fad96b2c8b424<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">spring-data-commons-3.0.10.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header93" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content93" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-data-commons</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>data</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>spring.data.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-data-commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-data-commons</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework.data</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Spring Data Core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>spring-data-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.springframework.data.build</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://spring.io/projects/spring-data</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-data-commons</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>data</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>spring.data.commons</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Spring Data Core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-data-commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.springframework.data</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Spring Data Core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>spring-data-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.springframework.data.build</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://spring.io/projects/spring-data</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0.10</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0.10</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.10</td><td>Highest</td></tr></table></div><h4 id="header94" class="subsectionheader white">Identifiers</h4><div id="content94" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.data/spring-data-commons@3.0.10?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.data/spring-data-commons@3.0.10</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_data_commons&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_data_commons%3A3.0.10" target="_blank">cpe:2.3:a:pivotal_software:spring_data_commons:3.0.10:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-data-commons-3.0.10.jar" data-sha1="050a12ab567c19c34ce02f0d2180f81bc7872789" data-pkgurl="pkg:maven/org.springframework.data/spring-data-commons@3.0.10" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:pivotal_software:spring_data_commons">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l43_18fb82ea3208f7481be5abe3718fa0537b9710d0"></a>spring-data-jpa-3.0.10.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Spring Data module for JPA repositories.</pre></p><p><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\springframework\data\spring-data-jpa\3.0.10\spring-data-jpa-3.0.10.jar<br/><b>MD5:</b>&nbsp;89cb4e4c597ae39ef2c153b409f323ea<br/><b>SHA1:</b>&nbsp;18fb82ea3208f7481be5abe3718fa0537b9710d0<br/><b>SHA256:</b>b0aad316018da1f043ef4f98a323da8c752cd8ce042038f145c51f35510252c7<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">spring-data-jpa-3.0.10.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header95" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content95" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-data-jpa</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>data</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jpa</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>spring.data.jpa</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-data-jpa</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-data-jpa</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework.data</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Spring Data JPA</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>spring-data-jpa-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://projects.spring.io/spring-data-jpa</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-data-jpa</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>data</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jpa</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>spring.data.jpa</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Spring Data JPA</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-data-jpa</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.springframework.data</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Spring Data JPA</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>spring-data-jpa-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://projects.spring.io/spring-data-jpa</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0.10</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0.10</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.10</td><td>Highest</td></tr></table></div><h4 id="header96" class="subsectionheader white">Identifiers</h4><div id="content96" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework.data/spring-data-jpa@3.0.10?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework.data/spring-data-jpa@3.0.10</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_data_jpa&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_data_jpa%3A3.0.10" target="_blank">cpe:2.3:a:pivotal_software:spring_data_jpa:3.0.10:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-data-jpa-3.0.10.jar" data-sha1="18fb82ea3208f7481be5abe3718fa0537b9710d0" data-pkgurl="pkg:maven/org.springframework.data/spring-data-jpa@3.0.10" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:pivotal_software:spring_data_jpa">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l44_b4e997baac7dd14593f3e4f815e3646279e9a63f"></a>spring-tx-6.0.12.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>Spring Transaction</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-tx\6.0.12\spring-tx-6.0.12.jar<br/><b>MD5:</b>&nbsp;dfbc8011cbd1c28e6fbd45b7daea3bbd<br/><b>SHA1:</b>&nbsp;b4e997baac7dd14593f3e4f815e3646279e9a63f<br/><b>SHA256:</b>694dedc3542206d72e6f4d601c51b9493de64aa62dfc48c6b2f922773b879873<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">spring-tx-6.0.12.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header97" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content97" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-tx</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>transaction</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>spring.tx</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-tx</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-tx</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>jhoeller@pivotal.io</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>jhoeller</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Juergen Hoeller</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Spring Transaction</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://spring.io/projects/spring-framework</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-tx</td><td>High</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>transaction</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>spring.tx</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>spring-tx</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-tx</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>jhoeller@pivotal.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>jhoeller</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Juergen Hoeller</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.springframework</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Spring Transaction</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://spring.io/projects/spring-framework</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>6.0.12</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>6.0.12</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.0.12</td><td>Highest</td></tr></table></div><h4 id="header98" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content98" class="subsectioncontent standardsubsection hidden"><ul><li>spring-aop-6.0.12.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-aop\6.0.12\spring-aop-6.0.12.jar</li><li>MD5:&nbsp;8627688dd9370927ba35daf78a56c387</li><li>SHA1:&nbsp;ba7ecdbdc2abaf172d49692b8110f65ecd2d250c</li><li>SHA256:&nbsp;f8c735ac2c6d3fe7759ef05b0088115b01f4c43b1076de8070612f0b7dd6f5e4</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-aop@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-aop@6.0.12</a></li></ul></li><li>spring-aspects-6.0.12.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-aspects\6.0.12\spring-aspects-6.0.12.jar</li><li>MD5:&nbsp;cd5f8b47a0ea2451fc3ffe8505aeab3d</li><li>SHA1:&nbsp;f9f903318add53a20c0e33ead1b16abd669543f7</li><li>SHA256:&nbsp;ee8dd9221aa0913a640a3b34fa2c558cddce70964f7dce5e78907bf6246e4e7e</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-aspects@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-aspects@6.0.12</a></li></ul></li><li>spring-beans-6.0.12.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-beans\6.0.12\spring-beans-6.0.12.jar</li><li>MD5:&nbsp;68e2ce18001437a73142f93cec32f9dd</li><li>SHA1:&nbsp;dfa53afbf1ab65f36c60333443ed1109ed331504</li><li>SHA256:&nbsp;75b5dfed8723703797e6e835154aca6e771b683da0307898ab9816037e936138</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-beans@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-beans@6.0.12</a></li></ul></li><li>spring-context-6.0.12.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-context\6.0.12\spring-context-6.0.12.jar</li><li>MD5:&nbsp;fc55461af3ae9cf2e62c1f4834213b30</li><li>SHA1:&nbsp;f1964518e07796b2fdc1b9be2108485ffe1b4566</li><li>SHA256:&nbsp;9f19eec7b8f943eba0c0a39a01549a28854f667820935bc9d120a9d53ffb8efc</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-context@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-context@6.0.12</a></li></ul></li><li>spring-expression-6.0.12.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-expression\6.0.12\spring-expression-6.0.12.jar</li><li>MD5:&nbsp;0f061cf4b135e91316ca206e43504f80</li><li>SHA1:&nbsp;9283ad418f06f918e834b1981998a5f62a05b355</li><li>SHA256:&nbsp;baeb22c3b4f4917d33471994b8f81a5333b41f736f07cec83df73e59fc57a3b1</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-expression@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-expression@6.0.12</a></li></ul></li><li>spring-jcl-6.0.12.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-jcl\6.0.12\spring-jcl-6.0.12.jar</li><li>MD5:&nbsp;fa0200780961dd50844159e69bbfca9e</li><li>SHA1:&nbsp;44a1d1d105063d4eb9c5dc705245ef6fa4162520</li><li>SHA256:&nbsp;48426807bf74c8348e10c32970f36f4880a232a47ae0f375f0f0cc0b305e0ada</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-jcl@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-jcl@6.0.12</a></li></ul></li><li>spring-jdbc-6.0.12.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-jdbc\6.0.12\spring-jdbc-6.0.12.jar</li><li>MD5:&nbsp;2d96fcb03831aaab3ef01a56646b754c</li><li>SHA1:&nbsp;cf14ce5078ab4b69b760ac91b2b9f23dab1e4457</li><li>SHA256:&nbsp;59e877e3f0c8b98893def8e48a8ff4ad7c2d0959f1eaf00f821249bef69819e2</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-jdbc@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-jdbc@6.0.12</a></li></ul></li><li>spring-orm-6.0.12.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-orm\6.0.12\spring-orm-6.0.12.jar</li><li>MD5:&nbsp;099ef2ab56fb7723b8ecd2a6b9976979</li><li>SHA1:&nbsp;174d73f69d878fd7ddeef9a25213d8932692a768</li><li>SHA256:&nbsp;1fefbb6e5566f14caf68c0346b00f3938bc1cf2b436dff1f7477aeaf71dc2278</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-orm@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-orm@6.0.12</a></li></ul></li></ul></div><h4 id="header99" class="subsectionheader white">Identifiers</h4><div id="content99" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-tx@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-tx@6.0.12</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-tx-6.0.12.jar" data-sha1="b4e997baac7dd14593f3e4f815e3646279e9a63f" data-pkgurl="pkg:maven/org.springframework/spring-tx@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:pivotal_software:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-tx-6.0.12.jar" data-sha1="b4e997baac7dd14593f3e4f815e3646279e9a63f" data-pkgurl="pkg:maven/org.springframework/spring-tx@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:springsource:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-tx-6.0.12.jar" data-sha1="b4e997baac7dd14593f3e4f815e3646279e9a63f" data-pkgurl="pkg:maven/org.springframework/spring-tx@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:vmware:spring_framework">suppress</button></li></ul></div><h4 id="header100" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content100" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053">CVE-2023-34053</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="spring-tx-6.0.12.jar" data-sha1="b4e997baac7dd14593f3e4f815e3646279e9a63f" data-pkgurl="pkg:maven/org.springframework/spring-tx@6.0.12" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-34053">suppress</button></p><p><pre>In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.

Specifically, an application is vulnerable when all of the following are true:

  *  the application uses Spring MVC or Spring WebFlux
  *  io.micrometer:micrometer-core��is on the classpath
  *  an ObservationRegistry is configured in the application to record observations


Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator��dependency to meet all conditions.


</pre>NVD-CWE-noinfo<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A</li></ul><br/>References:<ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vulnerability/CVE-2023-34053?component-type=maven&amp;component-name=org.springframework%2Fspring-web&amp;utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0">[CVE-2023-34053] CWE-noinfo</a></li><li>OSSIndex - <a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053</a></li><li>OSSIndex - <a target="_blank" href="https://spring.io/security/cve-2023-34053">https://spring.io/security/cve-2023-34053</a></li><li>security@vmware.com - <a target="_blank" href="https://spring.io/security/cve-2023-34053">VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs9"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_framework">cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* versions from (including) 6.0.0; versions up to (excluding) 6.0.14</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection"><a name="l45_89a20bbd7c1f973dc246b1d790b34e0b3e28e74d"></a>spring-web-6.0.12.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>Spring Web</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-web\6.0.12\spring-web-6.0.12.jar<br/><b>MD5:</b>&nbsp;7c575ec671f7673344802ef903fdac5a<br/><b>SHA1:</b>&nbsp;89a20bbd7c1f973dc246b1d790b34e0b3e28e74d<br/><b>SHA256:</b>564b974e54f48fa5f7a721f364d980200bff05213199f8e154b3f4b89a674057<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">spring-web-6.0.12.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11</p><h4 id="header101" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content101" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-web</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>web</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>spring.web</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-web</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-web</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>jhoeller@pivotal.io</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>jhoeller</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Juergen Hoeller</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Spring Web</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://spring.io/projects/spring-framework</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-web</td><td>High</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>web</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>spring.web</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>spring-web</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-web</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>jhoeller@pivotal.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>jhoeller</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Juergen Hoeller</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.springframework</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Spring Web</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://spring.io/projects/spring-framework</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>6.0.12</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>6.0.12</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.0.12</td><td>Highest</td></tr></table></div><h4 id="header102" class="subsectionheader white">Identifiers</h4><div id="content102" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-web@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-web@6.0.12</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-web-6.0.12.jar" data-sha1="89a20bbd7c1f973dc246b1d790b34e0b3e28e74d" data-pkgurl="pkg:maven/org.springframework/spring-web@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:pivotal_software:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-web-6.0.12.jar" data-sha1="89a20bbd7c1f973dc246b1d790b34e0b3e28e74d" data-pkgurl="pkg:maven/org.springframework/spring-web@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:springsource:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-web-6.0.12.jar" data-sha1="89a20bbd7c1f973dc246b1d790b34e0b3e28e74d" data-pkgurl="pkg:maven/org.springframework/spring-web@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:vmware:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aweb_project&amp;cpe_product=cpe%3A%2F%3Aweb_project%3Aweb&amp;cpe_version=cpe%3A%2F%3Aweb_project%3Aweb%3A6.0.12" target="_blank">cpe:2.3:a:web_project:web:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-web-6.0.12.jar" data-sha1="89a20bbd7c1f973dc246b1d790b34e0b3e28e74d" data-pkgurl="pkg:maven/org.springframework/spring-web@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:web_project:web">suppress</button></li></ul></div><h4 id="header103" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content103" class="subsectioncontent standardsubsection"><p><span class="underline"><b>CVE-2024-22243</b>&nbsp;(OSSINDEX)</span>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this vulnerability for this file" data-display-name="spring-web-6.0.12.jar" data-sha1="89a20bbd7c1f973dc246b1d790b34e0b3e28e74d" data-pkgurl="pkg:maven/org.springframework/spring-web@6.0.12" data-type-to-suppress="vulnerabilityName" data-id-to-suppress="CVE-2024-22243">suppress</button></p><p><pre>Applications that use UriComponentsBuilder&nbsp;to parse an externally provided URL (e.g. through a query parameter) AND&nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html &nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.


Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2024-22243 for details</pre>CWE-20 Improper Input Validation<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (8.100000381469727)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N</li></ul><br/>References:<ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vulnerability/CVE-2024-22243?component-type=maven&amp;component-name=org.springframework%2Fspring-web&amp;utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0">[CVE-2024-22243] CWE-20: Improper Input Validation</a></li><li>OSSIndex - <a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22243">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22243</a></li><li>OSSIndex - <a target="_blank" href="https://github.com/spring-projects/spring-framework/issues/32211">https://github.com/spring-projects/spring-framework/issues/32211</a></li><li>OSSIndex - <a target="_blank" href="https://spring.io/security/cve-2024-22243">https://spring.io/security/cve-2024-22243</a></li></ul></p><p>Vulnerable Software &amp; Versions (OSSINDEX):<ul><li class="vs10">cpe:2.3:a:org.springframework:spring-web:6.0.12:*:*:*:*:*:*:*</li></ul></p><p><span class="underline"><b>CVE-2024-22262</b>&nbsp;(OSSINDEX)</span>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this vulnerability for this file" data-display-name="spring-web-6.0.12.jar" data-sha1="89a20bbd7c1f973dc246b1d790b34e0b3e28e74d" data-pkgurl="pkg:maven/org.springframework/spring-web@6.0.12" data-type-to-suppress="vulnerabilityName" data-id-to-suppress="CVE-2024-22262">suppress</button></p><p><pre>Applications that use UriComponentsBuilder&nbsp;to parse an externally provided URL (e.g. through a query parameter) AND&nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html &nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.

This is the same as  CVE-2024-22259 https://spring.io/security/cve-2024-22259 &nbsp;and  CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.

</pre>CWE-20 Improper Input Validation<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (8.100000381469727)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N</li></ul><br/>References:<ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vulnerability/CVE-2024-22262?component-type=maven&amp;component-name=org.springframework%2Fspring-web&amp;utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0">[CVE-2024-22262] CWE-20: Improper Input Validation</a></li><li>OSSIndex - <a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22262">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22262</a></li><li>OSSIndex - <a target="_blank" href="https://github.com/spring-projects/spring-framework/issues/32616">https://github.com/spring-projects/spring-framework/issues/32616</a></li><li>OSSIndex - <a target="_blank" href="https://spring.io/security/cve-2024-22262">https://spring.io/security/cve-2024-22262</a></li></ul></p><p>Vulnerable Software &amp; Versions (OSSINDEX):<ul><li class="vs11">cpe:2.3:a:org.springframework:spring-web:6.0.12:*:*:*:*:*:*:*</li></ul></p><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053">CVE-2023-34053</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="spring-web-6.0.12.jar" data-sha1="89a20bbd7c1f973dc246b1d790b34e0b3e28e74d" data-pkgurl="pkg:maven/org.springframework/spring-web@6.0.12" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-34053">suppress</button></p><p><pre>In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.

Specifically, an application is vulnerable when all of the following are true:

  *  the application uses Spring MVC or Spring WebFlux
  *  io.micrometer:micrometer-core��is on the classpath
  *  an ObservationRegistry is configured in the application to record observations


Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator��dependency to meet all conditions.


</pre>NVD-CWE-noinfo<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A</li></ul><br/>References:<ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vulnerability/CVE-2023-34053?component-type=maven&amp;component-name=org.springframework%2Fspring-web&amp;utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0">[CVE-2023-34053] CWE-noinfo</a></li><li>OSSIndex - <a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053</a></li><li>OSSIndex - <a target="_blank" href="https://spring.io/security/cve-2023-34053">https://spring.io/security/cve-2023-34053</a></li><li>security@vmware.com - <a target="_blank" href="https://spring.io/security/cve-2023-34053">VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs12"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_framework">cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* versions from (including) 6.0.0; versions up to (excluding) 6.0.14</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection"><a name="l46_c7cf897d23da555a20e570d170f8f1541b04564d"></a>spring-webmvc-6.0.12.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>Spring Web MVC</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\springframework\spring-webmvc\6.0.12\spring-webmvc-6.0.12.jar<br/><b>MD5:</b>&nbsp;cfb143ad22d485934558773d3fc6ed29<br/><b>SHA1:</b>&nbsp;c7cf897d23da555a20e570d170f8f1541b04564d<br/><b>SHA256:</b>0fce74a2be71ba831199f012d83c2888ece9e8d1a91f971cd1016a042de4aed4<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">spring-webmvc-6.0.12.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11</p><h4 id="header104" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content104" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-webmvc</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>mvc</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>web</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>spring.webmvc</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-webmvc</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-webmvc</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>jhoeller@pivotal.io</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>jhoeller</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Juergen Hoeller</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Spring Web MVC</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://spring.io/projects/spring-framework</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-webmvc</td><td>High</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>mvc</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>web</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>spring.webmvc</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>spring-webmvc</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-webmvc</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>jhoeller@pivotal.io</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>jhoeller</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Juergen Hoeller</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.springframework</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Spring Web MVC</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://spring.io/projects/spring-framework</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>6.0.12</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>6.0.12</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.0.12</td><td>Highest</td></tr></table></div><h4 id="header105" class="subsectionheader white">Identifiers</h4><div id="content105" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-webmvc@6.0.12?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.springframework/spring-webmvc@6.0.12</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-webmvc-6.0.12.jar" data-sha1="c7cf897d23da555a20e570d170f8f1541b04564d" data-pkgurl="pkg:maven/org.springframework/spring-webmvc@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:pivotal_software:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:springsource:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-webmvc-6.0.12.jar" data-sha1="c7cf897d23da555a20e570d170f8f1541b04564d" data-pkgurl="pkg:maven/org.springframework/spring-webmvc@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:springsource:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Avmware&amp;cpe_product=cpe%3A%2F%3Avmware%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Avmware%3Aspring_framework%3A6.0.12" target="_blank">cpe:2.3:a:vmware:spring_framework:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-webmvc-6.0.12.jar" data-sha1="c7cf897d23da555a20e570d170f8f1541b04564d" data-pkgurl="pkg:maven/org.springframework/spring-webmvc@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:vmware:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aweb_project&amp;cpe_product=cpe%3A%2F%3Aweb_project%3Aweb&amp;cpe_version=cpe%3A%2F%3Aweb_project%3Aweb%3A6.0.12" target="_blank">cpe:2.3:a:web_project:web:6.0.12:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-webmvc-6.0.12.jar" data-sha1="c7cf897d23da555a20e570d170f8f1541b04564d" data-pkgurl="pkg:maven/org.springframework/spring-webmvc@6.0.12" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:web_project:web">suppress</button></li></ul></div><h4 id="header106" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content106" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053">CVE-2023-34053</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="spring-webmvc-6.0.12.jar" data-sha1="c7cf897d23da555a20e570d170f8f1541b04564d" data-pkgurl="pkg:maven/org.springframework/spring-webmvc@6.0.12" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-34053">suppress</button></p><p><pre>In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.

Specifically, an application is vulnerable when all of the following are true:

  *  the application uses Spring MVC or Spring WebFlux
  *  io.micrometer:micrometer-core��is on the classpath
  *  an ObservationRegistry is configured in the application to record observations


Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator��dependency to meet all conditions.


</pre>NVD-CWE-noinfo<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A</li></ul><br/>References:<ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vulnerability/CVE-2023-34053?component-type=maven&amp;component-name=org.springframework%2Fspring-web&amp;utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0">[CVE-2023-34053] CWE-noinfo</a></li><li>OSSIndex - <a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34053</a></li><li>OSSIndex - <a target="_blank" href="https://spring.io/security/cve-2023-34053">https://spring.io/security/cve-2023-34053</a></li><li>security@vmware.com - <a target="_blank" href="https://spring.io/security/cve-2023-34053">VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs13"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avmware%3Aspring_framework">cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* versions from (including) 6.0.0; versions up to (excluding) 6.0.14</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l47_92578ad15f49d805dfbc3b7ca92b9497a25ed2a5"></a>switch.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\IdeaProjects\VulnApp\src\main\resources\static\js\switch.js<br/><b>MD5:</b>&nbsp;1305c5b948fa09ff9c890c7045ecd365<br/><b>SHA1:</b>&nbsp;92578ad15f49d805dfbc3b7ca92b9497a25ed2a5<br/><b>SHA256:</b>8bfa3934f6bd208d49a075ae411477218ac902d1d346bd35dd7a288d8d29e3a5<br/><b>Referenced In Project/Scope:</b> VulnApp</p><h4 id="header107" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content107" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header108" class="subsectionheader white">Identifiers</h4><div id="content108" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l48_273997509a4c7aef86cee0521750140c587d9be2"></a>thymeleaf-3.1.2.RELEASE.jar</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\thymeleaf\thymeleaf\3.1.2.RELEASE\thymeleaf-3.1.2.RELEASE.jar<br/><b>MD5:</b>&nbsp;4a9b2210cb35b43fb0b8499e17b9c880<br/><b>SHA1:</b>&nbsp;273997509a4c7aef86cee0521750140c587d9be2<br/><b>SHA256:</b>2b3a714be2de349ccb60c65603ae5e8bd7060c7a4f8833485707671e9a862a24<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">thymeleaf-3.1.2.RELEASE.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</p><h4 id="header109" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content109" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>thymeleaf</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>thymeleaf</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>thymeleaf</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Thymeleaf</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Thymeleaf</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>thymeleaf</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>thymeleaf</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.thymeleaf</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>thymeleaf</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>thymeleaf-lib</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>thymeleaf</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>thymeleaf</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>thymeleaf</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>17</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>thymeleaf</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>thymeleaf</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>thymeleaf</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.thymeleaf</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>thymeleaf</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>thymeleaf-lib</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.1.2.RELEASE</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.1.2.RELEASE</td><td>Highest</td></tr></table></div><h4 id="header110" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content110" class="subsectioncontent standardsubsection hidden"><ul><li>thymeleaf-spring6-3.1.2.RELEASE.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\thymeleaf\thymeleaf-spring6\3.1.2.RELEASE\thymeleaf-spring6-3.1.2.RELEASE.jar</li><li>MD5:&nbsp;8bd01554ec31619dda90fb3a8c7a0b02</li><li>SHA1:&nbsp;6030c7b4e260c41336f378e53da6e8531263f24b</li><li>SHA256:&nbsp;2d2dd31d1252d3777b521db6b371de986efabd2d5b15d51c5cad78b79cd7799c</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.2.RELEASE?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.2.RELEASE</a></li></ul></li></ul></div><h4 id="header111" class="subsectionheader white">Identifiers</h4><div id="content111" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.thymeleaf/thymeleaf@3.1.2.RELEASE?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.thymeleaf/thymeleaf@3.1.2.RELEASE</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Athymeleaf&amp;cpe_product=cpe%3A%2F%3Athymeleaf%3Athymeleaf&amp;cpe_version=cpe%3A%2F%3Athymeleaf%3Athymeleaf%3A3.1.2" target="_blank">cpe:2.3:a:thymeleaf:thymeleaf:3.1.2:release:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="thymeleaf-3.1.2.RELEASE.jar" data-sha1="273997509a4c7aef86cee0521750140c587d9be2" data-pkgurl="pkg:maven/org.thymeleaf/thymeleaf@3.1.2.RELEASE" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:thymeleaf:thymeleaf">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l49_6909967f2ed6c323108c2cc7f20586d6f7eb6455"></a>tomcat-embed-core-10.1.13.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>Core Tomcat implementation</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\apache\tomcat\embed\tomcat-embed-core\10.1.13\tomcat-embed-core-10.1.13.jar<br/><b>MD5:</b>&nbsp;b5302b27a8ab248cc5769eddc9ba8aa7<br/><b>SHA1:</b>&nbsp;6909967f2ed6c323108c2cc7f20586d6f7eb6455<br/><b>SHA256:</b>90d8839d866ee5f6786eea4439bfad01b7935e0307af0ff9f767eed92682cf4d<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">tomcat-embed-core-10.1.13.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-web@3.0.11</p><h4 id="header112" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content112" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>tomcat-embed-core</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tomcat</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tomcat-embed-core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>provide-capability</td><td>osgi.contract;osgi.contract=JavaJASPIC;version:Version=&quot;3.0&quot;;uses:=&quot;jakarta.security.auth.message,jakarta.security.auth.message.callback,jakarta.security.auth.message.config,jakarta.security.auth.message.module&quot;,osgi.contract;osgi.contract=JavaServlet;version:Version=&quot;6.0&quot;;uses:=&quot;jakarta.servlet,jakarta.servlet.annotation,jakarta.servlet.descriptor,jakarta.servlet.http,jakarta.servlet.resources&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>manifest: jakarta/security/auth/message/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>manifest: jakarta/security/auth/message/callback/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>manifest: jakarta/security/auth/message/config/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>manifest: jakarta/security/auth/message/module/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>manifest: jakarta/servlet/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>manifest: jakarta/servlet/annotation/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>manifest: jakarta/servlet/descriptor/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>manifest: jakarta/servlet/http/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>manifest: jakarta/servlet/resources/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>tomcat-embed-core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>tomcat-embed-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.tomcat.embed</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://tomcat.apache.org/</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>tomcat-embed-core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>annotation</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>auth</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>descriptor</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>http</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>message</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>security</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>servlet</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tomcat</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>tomcat-embed-core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tomcat-embed-core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>provide-capability</td><td>osgi.contract;osgi.contract=JavaJASPIC;version:Version=&quot;3.0&quot;;uses:=&quot;jakarta.security.auth.message,jakarta.security.auth.message.callback,jakarta.security.auth.message.config,jakarta.security.auth.message.module&quot;,osgi.contract;osgi.contract=JavaServlet;version:Version=&quot;6.0&quot;;uses:=&quot;jakarta.servlet,jakarta.servlet.annotation,jakarta.servlet.descriptor,jakarta.servlet.http,jakarta.servlet.resources&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/security/auth/message/</td><td>Implementation-Title</td><td>jakarta.security.auth.message</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/security/auth/message/</td><td>Specification-Title</td><td>Jakarta Authentication SPI for Containers</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/security/auth/message/callback/</td><td>Implementation-Title</td><td>jakarta.security.auth.message</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/security/auth/message/callback/</td><td>Specification-Title</td><td>Jakarta Authentication SPI for Containers</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/security/auth/message/config/</td><td>Implementation-Title</td><td>jakarta.security.auth.message</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/security/auth/message/config/</td><td>Specification-Title</td><td>Jakarta Authentication SPI for Containers</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/security/auth/message/module/</td><td>Implementation-Title</td><td>jakarta.security.auth.message</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/security/auth/message/module/</td><td>Specification-Title</td><td>Jakarta Authentication SPI for Containers</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/</td><td>Implementation-Title</td><td>jakarta.servlet</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/</td><td>Specification-Title</td><td>Jakarta Servlet</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/annotation/</td><td>Implementation-Title</td><td>jakarta.servlet</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/annotation/</td><td>Specification-Title</td><td>Jakarta Servlet</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/descriptor/</td><td>Implementation-Title</td><td>jakarta.servlet</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/descriptor/</td><td>Specification-Title</td><td>Jakarta Servlet</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/http/</td><td>Implementation-Title</td><td>jakarta.servlet</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/http/</td><td>Specification-Title</td><td>Jakarta Servlet</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/resources/</td><td>Implementation-Title</td><td>jakarta.servlet</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/servlet/resources/</td><td>Specification-Title</td><td>Jakarta Servlet</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>tomcat-embed-core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.apache.tomcat.embed</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://tomcat.apache.org/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>10.1.13</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>10.1.13</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>10.1.13</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>10.1.13</td><td>Highest</td></tr></table></div><h4 id="header113" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content113" class="subsectioncontent standardsubsection hidden"><ul><li>tomcat-embed-websocket-10.1.13.jar<ul><li>File Path:&nbsp;C:\Users\kreml\.m2\repository\org\apache\tomcat\embed\tomcat-embed-websocket\10.1.13\tomcat-embed-websocket-10.1.13.jar</li><li>MD5:&nbsp;018afef1cb14a09b329e8281a15206d1</li><li>SHA1:&nbsp;540a79df9699435e4f7cb8983daab272d29d093f</li><li>SHA256:&nbsp;be99ac98e92412d79305f0f7598374215268028a7fc49b4a1d60ba6d4947d934</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.13?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.13</a></li></ul></li></ul></div><h4 id="header114" class="subsectionheader white">Identifiers</h4><div id="content114" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atomcat&amp;cpe_version=cpe%3A%2F%3Aapache%3Atomcat%3A10.1.13" target="_blank">cpe:2.3:a:apache:tomcat:10.1.13:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="tomcat-embed-core-10.1.13.jar" data-sha1="6909967f2ed6c323108c2cc7f20586d6f7eb6455" data-pkgurl="pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:tomcat">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache_tomcat&amp;cpe_product=cpe%3A%2F%3Aapache_tomcat%3Aapache_tomcat&amp;cpe_version=cpe%3A%2F%3Aapache_tomcat%3Aapache_tomcat%3A10.1.13" target="_blank">cpe:2.3:a:apache_tomcat:apache_tomcat:10.1.13:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="tomcat-embed-core-10.1.13.jar" data-sha1="6909967f2ed6c323108c2cc7f20586d6f7eb6455" data-pkgurl="pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache_tomcat:apache_tomcat">suppress</button></li></ul></div><h4 id="header115" class="subsectionheader collapsed collaspablesubsection white">Published Vulnerabilities</h4><div id="content115" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487">CVE-2023-44487</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="tomcat-embed-core-10.1.13.jar" data-sha1="6909967f2ed6c323108c2cc7f20586d6f7eb6455" data-pkgurl="pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-44487">suppress</button></p><b><span class="redtext">CISA Known Exploited Vulnerability:</span></b><ul><li>Product: IETF HTTP/2</li><li>Name: HTTP/2 Rapid Reset Attack Vulnerability</li><li>Date Added:  2023-10-10</li><li>Description:  HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).</li><li>Required Action:  Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.</li><li>Due Date:  2023-10-31</li><li>Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/</li></ul><p><pre>The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.</pre>CWE-400 Uncontrolled Resource Consumption<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A</li></ul><br/>References:<ul><li>cve@mitre.org - <a target="_blank" href="https://github.com/micrictor/http2-rst-stream">EXPLOIT,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://news.ycombinator.com/item?id=37837043">ISSUE_TRACKING</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/etcd-io/etcd/issues/16740">ISSUE_TRACKING,PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/line/armeria/pull/5232">ISSUE_TRACKING,PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/opensearch-project/data-prepper/issues/3474">ISSUE_TRACKING,PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/projectcontour/contour/pull/5826">ISSUE_TRACKING,PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://news.ycombinator.com/item?id=37830998">ISSUE_TRACKING,PRESS/MEDIA_COVERAGE</a></li><li>cve@mitre.org - <a target="_blank" href="https://bugzilla.proxmox.com/show_bug.cgi?id=4988">ISSUE_TRACKING,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/kazu-yamamoto/http2/issues/93">ISSUE_TRACKING,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://news.ycombinator.com/item?id=37830987">ISSUE_TRACKING,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://news.ycombinator.com/item?id=37831062">ISSUE_TRACKING,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=2242803">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://bugzilla.suse.com/show_bug.cgi?id=1216123">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/Azure/AKS/issues/3947">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/Kong/kong/discussions/11741">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/akka/akka-http/issues/4323">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/alibaba/tengine/issues/1872">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/apache/apisix/issues/10320">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/apache/httpd-site/pull/10">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/caddyserver/caddy/issues/5877">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/eclipse/jetty.project/issues/10679">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/golang/go/issues/63417">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/haproxy/haproxy/issues/2312">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/junkurihara/rust-rpxy/issues/97">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/ninenines/cowboy/issues/1615">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/openresty/openresty/issues/930">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/oqtane/oqtane.framework/discussions/3367">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/tempesta-tech/tempesta/issues/1986">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/varnishcache/varnish-cache/issues/3996">ISSUE_TRACKING,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2023/10/20/8">MAILING_LIST</a></li><li>cve@mitre.org - <a target="_blank" href="https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html">MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9">MAILING_LIST,PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2023/10/13/4">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2023/10/13/9">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2023/10/18/4">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2023/10/18/8">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2023/10/19/6">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.openwall.com/lists/oss-security/2023/10/10/6">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo">MAILING_LIST,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q">MAILING_LIST,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/advisories/GHSA-vx74-f528-fxqg">MITIGATION,PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487">MITIGATION,PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/dotnet/announcements/issues/277">MITIGATION,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/">MITIGATION,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/h2o/h2o/pull/3291">PATCH,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1">PATCH,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/advisories/GHSA-xpw8-rcwv-8f8p">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/apache/trafficserver/pull/10564">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/envoyproxy/envoy/pull/30055">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/facebook/proxygen/pull/466">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/grpc/grpc-go/pull/6703">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/kubernetes/kubernetes/pull/121120">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/microsoft/CBL-Mariner/pull/6381">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/nghttp2/nghttp2/pull/1961">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/">PATCH,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack">PRESS/MEDIA_COVERAGE</a></li><li>cve@mitre.org - <a target="_blank" href="https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/">PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack">PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event">PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/">PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73">PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113">PRODUCT,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2">PRODUCT,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244">PRODUCT,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/caddyserver/caddy/releases/tag/v2.7.5">RELEASE_NOTES,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0">RELEASE_NOTES,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://netty.io/news/2023/10/10/4-1-100-Final.html">RELEASE_NOTES,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14">RELEASE_NOTES,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve">TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/">TECHNICAL_DESCRIPTION,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/">TECHNICAL_DESCRIPTION,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack">TECHNICAL_DESCRIPTION,VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/bcdannyboy/CVE-2023-44487">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://security.gentoo.org/glsa/202311-09">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://security.netapp.com/advisory/ntap-20231016-0001/">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5540">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5549">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5558">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5570">THIRD_PARTY_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487">THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE</a></li><li>cve@mitre.org - <a target="_blank" href="https://access.redhat.com/security/cve/cve-2023-44487">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://aws.amazon.com/security/security-bulletins/AWS-2023-011/">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://blog.vespa.ai/cve-2023-44487/">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/advisories/GHSA-qppj-fm5r-hxr3">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://github.com/nodejs/node/pull/50121">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://istio.io/latest/news/security/istio-security-2023-004/">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://my.f5.com/manage/s/article/K000137106">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://security.paloaltonetworks.com/CVE-2023-44487">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://ubuntu.com/security/CVE-2023-44487">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5521">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5522">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487">VENDOR_ADVISORY</a></li><li>cve@mitre.org - <a target="_blank" href="https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/">VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs14">show all</a>)<ul><li class="vs14"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 10.1.0; versions up to (including) 10.1.13</a></li><li class="vs14">...</li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aakka%3Ahttp_server">cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:* versions up to (excluding) 10.5.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aamazon%3Aopensearch_data_prepper">cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:* versions up to (excluding) 2.5.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aapisix">cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:* versions up to (excluding) 3.6.1</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Asolr">cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* versions up to (excluding) 9.4.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 10.1.0; versions up to (including) 10.1.13</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (including) 8.5.93</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 9.0.0; versions up to (including) 9.0.80</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone1">cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone10">cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone11">cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone2">cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone3">cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone4">cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone5">cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone6">cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone7">cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone8">cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone9">cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atraffic_server">cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (excluding) 8.1.9</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atraffic_server">cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:* versions from (including) 9.0.0; versions up to (excluding) 9.2.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapple%3Aswiftnio_http%252f2%3A%3A%3A%7E%7E%7Eswift%7E%7E">cpe:2.3:a:apple:swiftnio_http\/2:*:*:*:*:*:swift:*:* versions up to (excluding) 1.28.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acaddyserver%3Acaddy">cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:* versions up to (excluding) 2.7.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aconnected_mobile_experiences">cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:* versions up to (excluding) 11.1</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Acrosswork_data_gateway">cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Acrosswork_data_gateway%3A5.0">cpe:2.3:a:cisco:crosswork_data_gateway:5.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Acrosswork_zero_touch_provisioning">cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Adata_center_network_manager%3A-">cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aenterprise_chat_and_email%3A-">cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aexpressway">cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:* versions up to (excluding) x14.3.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Afirepower_threat_defense">cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* versions up to (excluding) 7.4.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aiot_field_network_director">cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:* versions up to (excluding) 4.11.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aprime_access_registrar">cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:* versions up to (excluding) 9.3.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aprime_cable_provisioning">cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:* versions up to (excluding) 7.2.1</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aprime_infrastructure">cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:* versions up to (excluding) 3.10.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aprime_network_registrar">cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:* versions up to (excluding) 11.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Asecure_dynamic_attributes_connector">cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:* versions up to (excluding) 2.2.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Asecure_malware_analytics">cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:* versions up to (excluding) 2.19.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Atelepresence_video_communication_server">cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:* versions up to (excluding) x14.3.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aultra_cloud_core_-_policy_control_function">cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:* versions up to (excluding) 2024.01.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aultra_cloud_core_-_policy_control_function%3A2024.01.0">cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aultra_cloud_core_-_serving_gateway_function">cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:* versions up to (excluding) 2024.02.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aultra_cloud_core_-_session_management_function">cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:* versions up to (excluding) 2024.02.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aunified_attendant_console_advanced%3A-">cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aunified_contact_center_domain_manager%3A-">cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aunified_contact_center_enterprise%3A-">cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aunified_contact_center_enterprise_-_live_data_server">cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:* versions up to (excluding) 12.6.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acisco%3Aunified_contact_center_management_portal%3A-">cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Adena%3Ah2o">cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:* versions up to (excluding) 2023-10-10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Ajetty">cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:* versions up to (excluding) 9.4.53</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Ajetty">cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:* versions from (including) 10.0.0; versions up to (excluding) 10.0.17</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Ajetty">cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:* versions from (including) 11.0.0; versions up to (excluding) 11.0.17</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Ajetty">cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:* versions from (including) 12.0.0; versions up to (excluding) 12.0.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aenvoyproxy%3Aenvoy%3A1.24.10">cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aenvoyproxy%3Aenvoy%3A1.25.9">cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aenvoyproxy%3Aenvoy%3A1.26.4">cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aenvoyproxy%3Aenvoy%3A1.27.0">cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_access_policy_manager">cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_access_policy_manager">cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_access_policy_manager">cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_access_policy_manager">cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_access_policy_manager%3A17.1.0">cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_firewall_manager">cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_firewall_manager">cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_firewall_manager">cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_firewall_manager">cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_firewall_manager%3A17.1.0">cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_web_application_firewall">cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_web_application_firewall">cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_web_application_firewall">cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_web_application_firewall">cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_advanced_web_application_firewall%3A17.1.0">cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_analytics">cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_analytics">cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_analytics">cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_analytics">cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_analytics%3A17.1.0">cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_acceleration_manager">cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_acceleration_manager">cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_acceleration_manager">cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_acceleration_manager">cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_acceleration_manager%3A17.1.0">cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_security_manager">cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_security_manager">cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_security_manager">cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_security_manager">cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_security_manager%3A17.1.0">cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_visibility_and_reporting">cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_visibility_and_reporting">cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_visibility_and_reporting">cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_visibility_and_reporting">cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_application_visibility_and_reporting%3A17.1.0">cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_carrier-grade_nat">cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_carrier-grade_nat">cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_carrier-grade_nat">cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_carrier-grade_nat">cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_carrier-grade_nat%3A17.1.0">cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ddos_hybrid_defender">cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ddos_hybrid_defender">cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ddos_hybrid_defender">cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ddos_hybrid_defender">cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ddos_hybrid_defender%3A17.1.0">cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_domain_name_system">cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_domain_name_system">cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_domain_name_system">cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_domain_name_system">cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_domain_name_system%3A17.1.0">cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_fraud_protection_service">cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_fraud_protection_service">cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_fraud_protection_service">cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_fraud_protection_service">cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_fraud_protection_service%3A17.1.0">cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_global_traffic_manager">cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_global_traffic_manager">cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_global_traffic_manager">cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_global_traffic_manager">cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_global_traffic_manager%3A17.1.0">cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_link_controller">cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_link_controller">cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_link_controller">cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_link_controller">cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_link_controller%3A17.1.0">cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_local_traffic_manager">cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_local_traffic_manager">cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_local_traffic_manager">cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_local_traffic_manager">cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_local_traffic_manager%3A17.1.0">cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_next%3A20.0.1">cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_next_service_proxy_for_kubernetes">cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:* versions from (including) 1.5.0; versions up to (including) 1.8.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_policy_enforcement_manager">cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_policy_enforcement_manager">cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_policy_enforcement_manager">cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_policy_enforcement_manager">cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_policy_enforcement_manager%3A17.1.0">cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ssl_orchestrator">cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ssl_orchestrator">cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ssl_orchestrator">cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ssl_orchestrator">cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_ssl_orchestrator%3A17.1.0">cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_webaccelerator">cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_webaccelerator">cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_webaccelerator">cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_webaccelerator">cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_webaccelerator%3A17.1.0">cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_websafe">cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:* versions from (including) 13.1.0; versions up to (including) 13.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_websafe">cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:* versions from (including) 14.1.0; versions up to (including) 14.1.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_websafe">cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:* versions from (including) 15.1.0; versions up to (including) 15.1.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_websafe">cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.1.4</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Abig-ip_websafe%3A17.1.0">cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Anginx">cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:* versions from (including) 1.9.5; versions up to (including) 1.25.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Anginx_ingress_controller">cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:* versions from (including) 2.0.0; versions up to (including) 2.4.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Anginx_ingress_controller">cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.3.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Anginx_plus">cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:* versions from (including) r25; versions up to (excluding) r29</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Anginx_plus%3Ar29%3A-">cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Af5%3Anginx_plus%3Ar30%3A-">cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Afacebook%3Aproxygen">cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:* versions up to (excluding) 2023.10.16.00</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agolang%3Ago">cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* versions up to (excluding) 1.20.10</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agolang%3Ago">cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* versions from (including) 1.21.0; versions up to (excluding) 1.21.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agolang%3Ahttp2%3A%3A%3A%7E%7E%7Ego%7E%7E">cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:* versions up to (excluding) 0.17.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agolang%3Anetworking%3A%3A%3A%7E%7E%7Ego%7E%7E">cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:* versions up to (excluding) 0.17.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agrpc%3Agrpc%3A%3A%3A%7E%7E%7E-%7E%7E">cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:* versions up to (including) 1.59.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agrpc%3Agrpc%3A%3A%3A%7E%7E%7Ego%7E%7E">cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:* versions up to (excluding) 1.56.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agrpc%3Agrpc%3A%3A%3A%7E%7E%7Ego%7E%7E">cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:* versions from (including) 1.58.0; versions up to (excluding) 1.58.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agrpc%3Agrpc%3A1.57.0%3A-%3A%7E%7E%7Ego%7E%7E">cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aietf%3Ahttp%3A2.0">cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aistio%3Aistio">cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:* versions up to (excluding) 1.17.6</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aistio%3Aistio">cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:* versions from (including) 1.18.0; versions up to (excluding) 1.18.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aistio%3Aistio">cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:* versions from (including) 1.19.0; versions up to (excluding) 1.19.1</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ajenkins%3Ajenkins%3A%3A%3A%7E%7E-%7E%7E%7E">cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:* versions up to (including) 2.427</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ajenkins%3Ajenkins%3A%3A%3A%7E%7Elts%7E%7E%7E">cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* versions up to (including) 2.414.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Akazu-yamamoto%3Ahttp2">cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:* versions up to (excluding) 4.2.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Akonghq%3Akong_gateway%3A%3A%3A%7E%7Eenterprise%7E%7E%7E">cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:* versions up to (excluding) 3.4.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Alinecorp%3Aarmeria">cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:* versions up to (excluding) 1.26.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Alinkerd%3Alinkerd%3A%3A%3A%7E%7Estable%7Ekubernetes%7E%7E">cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:* versions from (including) 2.12.0; versions up to (including) 2.12.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Alinkerd%3Alinkerd%3A2.13.0%3A%3A%7E%7Estable%7Ekubernetes%7E%7E">cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Alinkerd%3Alinkerd%3A2.13.1%3A%3A%7E%7Estable%7Ekubernetes%7E%7E">cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Alinkerd%3Alinkerd%3A2.14.0%3A%3A%7E%7Estable%7Ekubernetes%7E%7E">cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Alinkerd%3Alinkerd%3A2.14.1%3A%3A%7E%7Estable%7Ekubernetes%7E%7E">cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3A.net">cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:* versions from (including) 6.0.0; versions up to (excluding) 6.0.23</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3A.net">cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:* versions from (including) 7.0.0; versions up to (excluding) 7.0.12</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Aasp.net_core">cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:* versions from (including) 6.0.0; versions up to (excluding) 6.0.23</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Aasp.net_core">cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:* versions from (including) 7.0.0; versions up to (excluding) 7.0.12</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Aazure_kubernetes_service">cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:* versions up to (excluding) 2023-10-08</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Acbl-mariner">cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:* versions up to (excluding) 2023-10-11</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Avisual_studio_2022">cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* versions from (including) 17.0; versions up to (excluding) 17.2.20</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Avisual_studio_2022">cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* versions from (including) 17.4; versions up to (excluding) 17.4.12</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Avisual_studio_2022">cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* versions from (including) 17.6; versions up to (excluding) 17.6.8</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Avisual_studio_2022">cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (excluding) 17.7.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Anetapp%3Aastra_control_center%3A-">cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Anetty%3Anetty">cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.100</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Anghttp2%3Anghttp2">cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:* versions up to (excluding) 1.57.0</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Anodejs%3Anode.js">cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:* versions from (including) 20.0.0; versions up to (excluding) 20.8.1</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Anodejs%3Anode.js%3A%3A%3A%7E%7Elts%7E%7E%7E">cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:* versions from (including) 18.0.0; versions up to (excluding) 18.18.2</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aopenresty%3Aopenresty">cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:* versions up to (excluding) 1.21.4.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aprojectcontour%3Acontour%3A%3A%3A%7E%7E%7Ekubernetes%7E%7E">cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:* versions up to (excluding) 2023-10-11</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3A3scale_api_management_platform%3A2.0">cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aadvanced_cluster_management_for_kubernetes%3A2.0">cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aadvanced_cluster_security%3A3.0">cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aadvanced_cluster_security%3A4.0">cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aansible_automation_platform%3A2.0">cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Abuild_of_optaplanner%3A8.0">cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Abuild_of_quarkus%3A-">cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aceph_storage%3A5.0">cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Acert-manager_operator_for_red_hat_openshift%3A-">cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Acertification_for_red_hat_enterprise_linux%3A8.0">cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Acertification_for_red_hat_enterprise_linux%3A9.0">cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Acost_management%3A-">cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Acryostat%3A2.0">cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Adecision_manager%3A7.0">cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Afence_agents_remediation_operator%3A-">cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aintegration_camel_for_spring_boot%3A-">cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aintegration_camel_k%3A-">cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aintegration_service_registry%3A-">cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_a-mq%3A7">cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_a-mq_streams%3A-">cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_core_services%3A-">cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_data_grid%3A7.0.0">cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_application_platform%3A6.0.0">cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_application_platform%3A7.0.0">cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_fuse%3A6.0.0">cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_fuse%3A7.0.0">cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Alogging_subsystem_for_red_hat_openshift%3A-">cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Amachine_deletion_remediation_operator%3A-">cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Amigration_toolkit_for_applications%3A6.0">cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Amigration_toolkit_for_containers%3A-">cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Amigration_toolkit_for_virtualization%3A-">cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Anetwork_observability_operator%3A-">cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Anode_healthcheck_operator%3A-">cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Anode_maintenance_operator%3A-">cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift%3A-%3A%3A%7E%7E%7Eaws%7E%7E">cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_api_for_data_protection%3A-">cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_container_platform%3A4.0">cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_container_platform_assisted_installer%3A-">cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_data_science%3A-">cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_dev_spaces%3A-">cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_developer_tools_and_services%3A-">cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_distributed_tracing%3A-">cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_gitops%3A-">cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_pipelines%3A-">cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_sandboxed_containers%3A-">cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_secondary_scheduler_operator%3A-">cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_serverless%3A-">cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_service_mesh%3A2.0">cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenshift_virtualization%3A4">cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenstack_platform%3A16.1">cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenstack_platform%3A16.2">cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenstack_platform%3A17.1">cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aprocess_automation%3A7.0">cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aquay%3A3.0.0">cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Arun_once_duration_override_operator%3A-">cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Asatellite%3A6.0">cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aself_node_remediation_operator%3A-">cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aservice_interconnect%3A1.0">cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aservice_telemetry_framework%3A1.5">cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Asingle_sign-on%3A7.0">cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Asupport_for_spring_boot%3A-">cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aweb_terminal%3A-">cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Atraefik%3Atraefik">cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:* versions up to (excluding) 2.10.5</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Atraefik%3Atraefik%3A3.0.0%3Abeta1">cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Atraefik%3Atraefik%3A3.0.0%3Abeta2">cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Atraefik%3Atraefik%3A3.0.0%3Abeta3">cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Avarnish_cache_project%3Avarnish_cache">cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:* versions up to (excluding) 2023-10-10</a></li></ul></p><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46589">CVE-2023-46589</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="tomcat-embed-core-10.1.13.jar" data-sha1="6909967f2ed6c323108c2cc7f20586d6f7eb6455" data-pkgurl="pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-46589">suppress</button></p><p><pre>Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single 
request as multiple requests leading to the possibility of request 
smuggling when behind a reverse proxy.

Users are recommended to upgrade to version 11.0.0-M11��onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.

</pre>CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')<br/><br/>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:3.9/RC:R/MAV:A</li></ul><br/>References:<ul><li>security@apache.org - <a target="_blank" href="https://www.openwall.com/lists/oss-security/2023/11/28/2">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>security@apache.org - <a target="_blank" href="https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr">MAILING_LIST,VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs15">show all</a>)<ul><li class="vs15"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 10.1.0; versions up to (excluding) 10.1.16</a></li><li class="vs15">...</li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 10.1.0; versions up to (excluding) 10.1.16</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.96</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 9.0.0; versions up to (excluding) 9.0.83</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone1">cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone10">cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone2">cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone3">cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone4">cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone5">cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone6">cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone7">cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone8">cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*</a></li><li class="vs15 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone9">cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*</a></li></ul></p><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42795">CVE-2023-42795</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="tomcat-embed-core-10.1.13.jar" data-sha1="6909967f2ed6c323108c2cc7f20586d6f7eb6455" data-pkgurl="pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-42795">suppress</button></p><p><pre>Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could 
cause Tomcat to skip some parts of the recycling process leading to 
information leaking from the current request/response to the next.

Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.

</pre>CWE-459 Incomplete Cleanup<br/><br/>CVSSv3:<ul><li>Base Score: MEDIUM (5.3)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:3.9/RC:R/MAV:A</li></ul><br/>References:<ul><li>security@apache.org - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2023/10/10/9">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>security@apache.org - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>security@apache.org - <a target="_blank" href="https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw">MAILING_LIST,VENDOR_ADVISORY</a></li><li>security@apache.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5521">THIRD_PARTY_ADVISORY</a></li><li>security@apache.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5522">THIRD_PARTY_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs16">show all</a>)<ul><li class="vs16"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 10.1.1; versions up to (excluding) 10.1.14</a></li><li class="vs16">...</li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 10.1.1; versions up to (excluding) 10.1.14</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.94</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 9.0.1; versions up to (excluding) 9.0.81</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone1">cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone10">cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone11">cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone12">cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone13">cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone14">cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone15">cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone16">cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone17">cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone18">cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone19">cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone2">cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone20">cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone21">cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone22">cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone23">cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone24">cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone25">cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone26">cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone27">cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone3">cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone4">cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone5">cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone6">cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone7">cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone8">cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone9">cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone1">cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone10">cpe:2.3:a:apache:tomcat:10.1.0:milestone10:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone11">cpe:2.3:a:apache:tomcat:10.1.0:milestone11:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone12">cpe:2.3:a:apache:tomcat:10.1.0:milestone12:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone13">cpe:2.3:a:apache:tomcat:10.1.0:milestone13:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone14">cpe:2.3:a:apache:tomcat:10.1.0:milestone14:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone15">cpe:2.3:a:apache:tomcat:10.1.0:milestone15:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone16">cpe:2.3:a:apache:tomcat:10.1.0:milestone16:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone17">cpe:2.3:a:apache:tomcat:10.1.0:milestone17:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone18">cpe:2.3:a:apache:tomcat:10.1.0:milestone18:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone19">cpe:2.3:a:apache:tomcat:10.1.0:milestone19:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone2">cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone20">cpe:2.3:a:apache:tomcat:10.1.0:milestone20:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone3">cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone4">cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone5">cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone6">cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone7">cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone8">cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone9">cpe:2.3:a:apache:tomcat:10.1.0:milestone9:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone1">cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone10">cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone11">cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone2">cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone3">cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone4">cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone5">cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone6">cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone7">cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone8">cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*</a></li><li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone9">cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*</a></li></ul></p><p><b><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45648">CVE-2023-45648</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="tomcat-embed-core-10.1.13.jar" data-sha1="6909967f2ed6c323108c2cc7f20586d6f7eb6455" data-pkgurl="pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13" data-type-to-suppress="cve" data-id-to-suppress="CVE-2023-45648">suppress</button></p><p><pre>Improper Input Validation vulnerability in Apache Tomcat.Tomcat��from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially 
crafted, invalid trailer header could cause Tomcat to treat a single 
request as multiple requests leading to the possibility of request 
smuggling when behind a reverse proxy.

Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.

</pre>CWE-20 Improper Input Validation, NVD-CWE-Other<br/><br/>CVSSv3:<ul><li>Base Score: MEDIUM (5.3)</li><li>Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:3.9/RC:R/MAV:A</li></ul><br/>References:<ul><li>security@apache.org - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2023/10/10/10">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>security@apache.org - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html">MAILING_LIST,THIRD_PARTY_ADVISORY</a></li><li>security@apache.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5521">THIRD_PARTY_ADVISORY</a></li><li>security@apache.org - <a target="_blank" href="https://www.debian.org/security/2023/dsa-5522">THIRD_PARTY_ADVISORY</a></li><li>security@apache.org - <a target="_blank" href="https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp">VENDOR_ADVISORY</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs17">show all</a>)<ul><li class="vs17"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 10.1.1; versions up to (excluding) 10.1.14</a></li><li class="vs17">...</li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 10.1.1; versions up to (excluding) 10.1.14</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.94</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat">cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from (including) 9.0.1; versions up to (excluding) 9.0.81</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone1">cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone10">cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone11">cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone12">cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone13">cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone14">cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone15">cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone16">cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone17">cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone18">cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone19">cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone2">cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone20">cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone21">cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone22">cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone23">cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone24">cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone25">cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone26">cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone27">cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone3">cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone4">cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone5">cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone6">cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone7">cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone8">cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A9.0.0%3Amilestone9">cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone1">cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone10">cpe:2.3:a:apache:tomcat:10.1.0:milestone10:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone11">cpe:2.3:a:apache:tomcat:10.1.0:milestone11:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone12">cpe:2.3:a:apache:tomcat:10.1.0:milestone12:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone13">cpe:2.3:a:apache:tomcat:10.1.0:milestone13:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone14">cpe:2.3:a:apache:tomcat:10.1.0:milestone14:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone15">cpe:2.3:a:apache:tomcat:10.1.0:milestone15:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone16">cpe:2.3:a:apache:tomcat:10.1.0:milestone16:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone17">cpe:2.3:a:apache:tomcat:10.1.0:milestone17:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone18">cpe:2.3:a:apache:tomcat:10.1.0:milestone18:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone19">cpe:2.3:a:apache:tomcat:10.1.0:milestone19:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone2">cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone20">cpe:2.3:a:apache:tomcat:10.1.0:milestone20:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone3">cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone4">cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone5">cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone6">cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone7">cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone8">cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A10.1.0%3Amilestone9">cpe:2.3:a:apache:tomcat:10.1.0:milestone9:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone1">cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone10">cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone11">cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone2">cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone3">cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone4">cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone5">cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone6">cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone7">cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone8">cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*</a></li><li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A11.0.0%3Amilestone9">cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l50_22c8845f7528334905c582e48a3eeefab616b0a5"></a>tomcat-embed-el-10.1.13.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Core Tomcat implementation</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\apache\tomcat\embed\tomcat-embed-el\10.1.13\tomcat-embed-el-10.1.13.jar<br/><b>MD5:</b>&nbsp;a8900f9bbe319050026c5d1e4d90713d<br/><b>SHA1:</b>&nbsp;22c8845f7528334905c582e48a3eeefab616b0a5<br/><b>SHA256:</b>e8f9b7c4c4db55e4c94285bca0a84dce677b3fc6e73a3eb4042d2a9e6066a486<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">tomcat-embed-el-10.1.13.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-validation@3.0.11</p><h4 id="header116" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content116" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>tomcat-embed-el</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>el</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tomcat-embed-jasper-el</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>provide-capability</td><td>osgi.contract;osgi.contract=JakartaExpressionLanguage;version:Version=&quot;5.0&quot;;uses:=&quot;jakarta.el&quot;,osgi.service;objectClass:List=&quot;jakarta.el.ExpressionFactory&quot;;effective:=active,osgi.serviceloader;osgi.serviceloader=&quot;jakarta.el.ExpressionFactory&quot;;register:=&quot;org.apache.el.ExpressionFactoryImpl&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>manifest: jakarta/el/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>tomcat-embed-el</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>tomcat-embed-el</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.tomcat.embed</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://tomcat.apache.org/</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>tomcat-embed-el</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>el</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>expression</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>expressionfactory</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>expressionfactoryimpl</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jakarta</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>tomcat-embed-jasper-el</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tomcat-embed-jasper-el</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>provide-capability</td><td>osgi.contract;osgi.contract=JakartaExpressionLanguage;version:Version=&quot;5.0&quot;;uses:=&quot;jakarta.el&quot;,osgi.service;objectClass:List=&quot;jakarta.el.ExpressionFactory&quot;;effective:=active,osgi.serviceloader;osgi.serviceloader=&quot;jakarta.el.ExpressionFactory&quot;;register:=&quot;org.apache.el.ExpressionFactoryImpl&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/el/</td><td>Implementation-Title</td><td>jakarta.annotation</td><td>Medium</td></tr><tr><td>Product</td><td>manifest: jakarta/el/</td><td>Specification-Title</td><td>Jakarta Expression Language</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>tomcat-embed-el</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.apache.tomcat.embed</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://tomcat.apache.org/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>10.1.13</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>10.1.13</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>10.1.13</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>10.1.13</td><td>Highest</td></tr></table></div><h4 id="header117" class="subsectionheader white">Identifiers</h4><div id="content117" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.13?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.13</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l51_47b8fe31c6d1a3382203af919400527389e01e9c"></a>txw2-4.0.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        TXW is a library that allows you to write XML documents.
    </pre></p><p><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\glassfish\jaxb\txw2\4.0.3\txw2-4.0.3.jar<br/><b>MD5:</b>&nbsp;b95e92bbc4dd7183916a11ed210b6169<br/><b>SHA1:</b>&nbsp;47b8fe31c6d1a3382203af919400527389e01e9c<br/><b>SHA256:</b>df07a51801b995e44aec9a95ef875d95fbb8de2874417de6066d84f731cb9e9c<br/><b>Referenced In Project/Scope:</b> VulnApp:runtime<br/><span class="tooltip"><span class="tooltiptext">txw2-4.0.3.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.0.11</p><h4 id="header118" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content118" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>txw2</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>sun</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>txw</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>txw2</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>xml</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar (hint)</td><td>package name</td><td>oracle</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>git-revision</td><td>ff66b10</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.eclipse</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Eclipse Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>txw2</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>txw2</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.glassfish.jaxb</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>TXW2 Runtime</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jaxb-txw-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.sun.xml.bind.mvn</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://eclipse-ee4j.github.io/jaxb-ri/</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>txw2</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>sun</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>txw</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>txw2</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>xml</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>git-revision</td><td>ff66b10</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Eclipse Implementation of JAXB</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Jakarta XML Binding</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>txw2</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.glassfish.jaxb</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>TXW2 Runtime</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jaxb-txw-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.sun.xml.bind.mvn</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://eclipse-ee4j.github.io/jaxb-ri/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>4.0.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>build-version</td><td>4.0.3</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.0.3</td><td>Highest</td></tr></table></div><h4 id="header119" class="subsectionheader white">Identifiers</h4><div id="content119" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.glassfish.jaxb/txw2@4.0.3?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.glassfish.jaxb/txw2@4.0.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aeclipse&amp;cpe_product=cpe%3A%2F%3Aeclipse%3Aglassfish&amp;cpe_version=cpe%3A%2F%3Aeclipse%3Aglassfish%3A4.0.3" target="_blank">cpe:2.3:a:eclipse:glassfish:4.0.3:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="txw2-4.0.3.jar" data-sha1="47b8fe31c6d1a3382203af919400527389e01e9c" data-pkgurl="pkg:maven/org.glassfish.jaxb/txw2@4.0.3" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:eclipse:glassfish">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l52_7b90360afb2b860e09e8347112800d12c12b2a13"></a>unbescape-1.1.6.RELEASE.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Advanced yet easy-to-use escape/unescape library for Java</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;C:\Users\kreml\.m2\repository\org\unbescape\unbescape\1.1.6.RELEASE\unbescape-1.1.6.RELEASE.jar<br/><b>MD5:</b>&nbsp;d95ed94e1624e307a1958ee105ccbf39<br/><b>SHA1:</b>&nbsp;7b90360afb2b860e09e8347112800d12c12b2a13<br/><b>SHA256:</b>597cf87d5b1a4f385b9d1cec974b7b483abb3ee85fc5b3f8b62af8e4bec95c2c<br/><b>Referenced In Project/Scope:</b> VulnApp:compile<br/><span class="tooltip"><span class="tooltiptext">unbescape-1.1.6.RELEASE.jar is in the transitive dependency tree of the listed items.</span><b>Included by:</b></span> pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.0.11</p><h4 id="header120" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content120" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>unbescape</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>java</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>unbescape</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>unbescape</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.unbescape.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.unbescape</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://www.unbescape.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The UNBESCAPE team</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.unbescape</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The UNBESCAPE team</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>unbescape</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>unbescape</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer email</td><td>daniel.fernandez AT 11thlabs DOT org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>developer id</td><td>danielfernandez</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>developer name</td><td>Daniel Fernandez</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.unbescape</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>unbescape</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>The UNBESCAPE team</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.unbescape.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.unbescape.org</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>unbescape</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>java</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>unbescape</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>unbescape</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.unbescape.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>unbescape</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.unbescape</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>unbescape</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://www.unbescape.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>unbescape</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>unbescape</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>developer email</td><td>daniel.fernandez AT 11thlabs DOT org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer id</td><td>danielfernandez</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>developer name</td><td>Daniel Fernandez</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>org.unbescape</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>unbescape</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>The UNBESCAPE team</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.unbescape.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.unbescape.org</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.1.6.RELEASE</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.1.6.RELEASE</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.1.6.RELEASE</td><td>Highest</td></tr></table></div><h4 id="header121" class="subsectionheader white">Identifiers</h4><div id="content121" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.unbescape/unbescape@1.1.6.RELEASE?utm_source=dependency-check&amp;utm_medium=integration&amp;utm_content=9.1.0" target="_blank">pkg:maven/org.unbescape/unbescape@1.1.6.RELEASE</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div></div></div><div><br/><br/>This report contains data retrieved from the <a href="https://nvd.nist.gov">National Vulnerability Database</a>.<br/>This report may contain data retrieved from the <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">CISA Known Exploited Vulnerability Catalog</a>.<br/>This report may contain data retrieved from the <a href="https://github.com/advisories/">Github Advisory Database (via NPM Audit API)</a>.<br/>This report may contain data retrieved from <a href="https://retirejs.github.io/retire.js/">RetireJS</a>.<br/>This report may contain data retrieved from the <a href="https://ossindex.sonatype.org">Sonatype OSS Index</a>.</div></body></html>